Pests of all kinds and how to fight them: Cursor freezes for a short time (Windows 7)
If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
23.12.2015, 11:53 | #16 |
| Cursor freezes for a short time Hi Dennis, I have only now read your instruction from yesterday evening. This is the result from CrystalDiskInfo. Code:
----------------------------------------------------------------------------
CrystalDiskInfo 6.1.1 (C) 2008-2014 hiyohiyo
Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2015/12/23 11:48:31

-- Controller Map ----------------------------------------------------------
- Ricoh PCIe SD Bus Host Adapter [ATA]
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- ST9500325AS
- TSSTcorp CDDVDW TS-L633C
- Ricoh PCIe Memory Stick Host Controller [ATA]
+ H+H Virtual CD 10 SCSI Controller [SCSI]
- Virtuelles RAID-Gerät
- VXDV BD-HD-DVDRAM S15 SCSI CdRom Device
- VXDV BD-HD-DVDROM S10 SCSI CdRom Device
+ MagicISO SCSI Host Controller [SCSI]
- MagicISO Virtual DVD-ROM0000

-- Disk List ---------------------------------------------------------------
(1) ST9500325AS : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9500325AS
----------------------------------------------------------------------------
Model : ST9500325AS
Firmware : 0006SDM2
Serial Number : 5VED769V
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : ---- | SATA/150
Power On Hours : 13366 Std.
Power On Count : 5055 mal
Temparature : 28 C (82 F)
Health Status : Gut
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 120 _99 __6 00000E20F777 Lesefehlerrate
03 _99 _99 __0 000000000000 Beschleunigungszeit
04 _96 _96 _20 0000000013C8 Start/Stop des Spindels
05 100 100 _36 000000000000 Neu zugewiesene Sektoren
07 _85 _60 _30 0000173B758A Suchfehlerrate
09 _85 _85 __0 000000003436 Eingeschaltete Stunden
0A 100 100 _97 000000000000 Drehwiederholungen
0C _96 _96 _20 0000000013BF Ein-/Ausschaltungen
B8 100 100 _99 000000000000 Ende-zu-Ende Fehler
BB _90 _90 __0 00000000000A Gemeldete unkorrigierbare Fehler
BC 100 100 __0 000000000000 Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _72 _52 _45 00001C13001C Luftstromtemperatur
BF _98 _98 __0 0000000011AB G-Sense Fehlerrate
C0 100 100 __0 00000000002D Ausschaltungsabbrüche
C1 __5 __5 __0 00000002E9E0 Laden/Entladen Zyklus
C2 _28 _48 __0 000A0000001C Temperatur
C3 _53 _47 __0 00000E20F777 Hardware ECC wiederhergestellt
C5 100 100 __0 000000000000 Aktuell schwebende Sektoren
C6 100 100 __0 000000000000 Unkorrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA CRC Fehler
FE 100 100 __0 000000000000 Freifallschutz

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 22.12.2015
Suchlaufzeit: 23:08
Protokolldatei: mbam-log.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.22.06
Rootkit-Datenbank: v2015.12.18.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Klaus

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 447677
Abgelaufene Zeit: 3 Std., 48 Min., 55 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Tiefer Rootkit-Suchlauf: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 16
PUP.Optional.Iminent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}, , [0519278187045fd78f87105c907234cc],
PUP.Optional.Iminent, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}, , [0519278187045fd78f87105c907234cc],
PUP.Optional.2YourFace, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}, , [c856c8e0d5b64aec3b7f60f9847e857b],
PUP.Optional.SettingsProtector, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pgafcinpmmpklohkojmllohdhomoefph, , [d846c7e115763df99a8fa715e51e53ad],
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NGNJHFPFHADNCGAFGBNEELJAGINIMMMK, , [59c5d9cf305b162042ac91203ac87888],
PUP.Optional.TermTutor, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD, , [65b9abfde0ab979fce83f2d131d2ae52],
PUP.Optional.SmartSaver, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\SmartSaver+ 15, , [63bb2385107bff37d8d4724b15ee9d63],
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [62bccddb4249ac8a3f4817801fe4ae52],
PUP.Optional.CouponMarvel.AppFlsh, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\lollipop, , [ac725a4e99f216200be19570ba4aa759],
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3344838F-FBF8-4F25-90A3-A05AB344B1BE}, , [2bf3a107018a1422a6f2e6b257ac1de3],
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EE43E92-90B6-4DB9-B71F-18B02CF045FB}, , [b66833753952c86e4354613711f2867a],
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5400D26-A668-4004-AE73-27C960402CBB}, , [819d179183084aec4652bedabe457789],
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB6E9F2D-C63C-4245-B698-812CD39611CF}, , [57c74b5d4e3d95a19dfb089037ccc33d],
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AFB45E5B-1B47-4F58-9281-4EB22B9F7211}, , [22fcf0b85536e650e0b7dfb910f3c63a],
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E2F9D3C1-A78A-461F-95A1-DEE9165CC02E}, , [95898b1d1f6c59dd385f1f7993709d63],
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB956015-11F4-45C2-B84A-ACE21D9E6AD3}, , [32ecf5b38efdd66012852e6a83805da3],

Registrierungswerte: 11
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NGNJHFPFHADNCGAFGBNEELJAGINIMMMK|path, C:\Users\Klaus\AppData\Local\Temp\tbch.crx, , [59c5d9cf305b162042ac91203ac87888]
PUP.Optional.TermTutor, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|termtutor@termtutor.com, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com, , [41dda1077516092d90c0b40f8182db25]
PUP.Optional.TermTutor, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TTNFD|ImagePath, system32\drivers\ttnfd.sys, , [65b9abfde0ab979fce83f2d131d2ae52]
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3344838F-FBF8-4F25-90A3-A05AB344B1BE}|AppName, 5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-codedownloader.exe, , [2bf3a107018a1422a6f2e6b257ac1de3]
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7EE43E92-90B6-4DB9-B71F-18B02CF045FB}|AppName, 5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe, , [b66833753952c86e4354613711f2867a]
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A5400D26-A668-4004-AE73-27C960402CBB}|AppName, 5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-codedownloader.exe, , [819d179183084aec4652bedabe457789]
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB6E9F2D-C63C-4245-B698-812CD39611CF}|AppName, 5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-codedownloader.exe, , [57c74b5d4e3d95a19dfb089037ccc33d]
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AFB45E5B-1B47-4F58-9281-4EB22B9F7211}|AppName, 5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe, , [22fcf0b85536e650e0b7dfb910f3c63a]
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E2F9D3C1-A78A-461F-95A1-DEE9165CC02E}|AppName, 5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe, , [95898b1d1f6c59dd385f1f7993709d63]
PUP.Optional.CrossRider, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EB956015-11F4-45C2-B84A-ACE21D9E6AD3}|AppName, 5250c108-bbd0-4eaa-842e-11b71784f990-2.exe-buttonutil.exe, , [32ecf5b38efdd66012852e6a83805da3]
PUP.Optional.BrowserMngr, HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|BrowserMngrDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [52cc4068800bc571b9c7e221c14301ff]

Registrierungsdaten: 1
Broken.OpenCommand, HKCR\scrfile\shell\open\command, Gut: ("Schlecht: ()" /S), ,[ffffffffffffffffffffffffffffffff], %5

Ordner: 4
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, , [3ae4faae2863b482c16e3e42c73bf40c],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings, , [9a84198fa8e3cd696878bcc856ac29d7],

Dateien: 15
PUP.Optional.WirelessNetworkTool, C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\WirelessNetView.exe, , [0f0f72365b305adca9d39716ca3ace32],
PUP.Optional.HistoryTool, C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\iehv.exe, , [849a8820a7e489ade350fe72f40db848],
PUP.Optional.StartUpManager, C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\strun.exe, , [8c92674132593ff7408df57b1fe26997],
PUP.Optional.ProductKeyFinder, C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\ProduKey.exe, , [fa246e3a206b201654323c34d22fcc34],
PUP.Optional.VeriStaff, C:\Windows\Installer\280e0b43.msi, , [d846bbed761594a2695b35e239c78080],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.BrowserManager, C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22, , [9a84198fa8e3cd696878bcc856ac29d7],
PUP.Optional.ASK, C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\ask-search.xml, , [59c535738dfe49ed0931ccec7a8ac53b],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end) |
23.12.2015, 13:44 | #17 |
/// Malwareteam | Cursor freezes for a short time Hi,
move the MBAM findings into quarantine, then also do this:
Step # 1: ESET
ESET Online Scanner
Step # 2: FRST
And another fresh FRST log, please.
Step # 3: Please post |
23.12.2015, 14:03 | #18 |
| Cursor freezes for a short time Hi Dennis,
here is the result from CrystalDiskInfo. Code:
----------------------------------------------------------------------------
CrystalDiskInfo 6.1.1 (C) 2008-2014 hiyohiyo
Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2015/12/23 14:00:25

-- Controller Map ----------------------------------------------------------
- Ricoh PCIe SD Bus Host Adapter [ATA]
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- ST9500325AS
- TSSTcorp CDDVDW TS-L633C
- Ricoh PCIe Memory Stick Host Controller [ATA]
+ H+H Virtual CD 10 SCSI Controller [SCSI]
- Virtuelles RAID-Gerät
- VXDV BD-HD-DVDRAM S15 SCSI CdRom Device
- VXDV BD-HD-DVDROM S10 SCSI CdRom Device
+ MagicISO SCSI Host Controller [SCSI]
- MagicISO Virtual DVD-ROM0000

-- Disk List ---------------------------------------------------------------
(1) ST9500325AS : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9500325AS
----------------------------------------------------------------------------
Model : ST9500325AS
Firmware : 0006SDM2
Serial Number : 5VED769V
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : ---- | SATA/150
Power On Hours : 13368 Std.
Power On Count : 5055 mal
Temparature : 39 C (102 F)
Health Status : Gut
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 113 _99 __6 0000036418E5 Lesefehlerrate
03 _99 _99 __0 000000000000 Beschleunigungszeit
04 _96 _96 _20 0000000013C8 Start/Stop des Spindels
05 100 100 _36 000000000000 Neu zugewiesene Sektoren
07 _85 _60 _30 0000173D07E4 Suchfehlerrate
09 _85 _85 __0 000000003438 Eingeschaltete Stunden
0A 100 100 _97 000000000000 Drehwiederholungen
0C _96 _96 _20 0000000013BF Ein-/Ausschaltungen
B8 100 100 _99 000000000000 Ende-zu-Ende Fehler
BB _90 _90 __0 00000000000A Gemeldete unkorrigierbare Fehler
BC 100 100 __0 000000000000 Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _61 _52 _45 000028130027 Luftstromtemperatur
BF _98 _98 __0 0000000011AE G-Sense Fehlerrate
C0 100 100 __0 00000000002D Ausschaltungsabbrüche
C1 __5 __5 __0 00000002E9E0 Laden/Entladen Zyklus
C2 _39 _48 __0 000A00000027 Temperatur
C3 _54 _47 __0 0000036418E5 Hardware ECC wiederhergestellt
C5 100 100 __0 000000000000 Aktuell schwebende Sektoren
C6 100 100 __0 000000000000 Unkorrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA CRC Fehler
FE 100 100 __0 000000000000 Freifallschutz
|
23.12.2015, 14:03 | #19 |
/// Malwareteam | Cursor freezes for a short time I was just thinking as much myself |
23.12.2015, 17:31 | #20 |
| Cursor freezes for a short time Hi, ESET has now been running for more than 3 hours and has scanned 40%. So this could take until late at night. Best regards, Klaus |
23.12.2015, 17:45 | #21 |
/// Malwareteam | Cursor freezes for a short time Hi, that is normal; in return it is very thorough |
24.12.2015, 12:31 | #22 |
| Cursor freezes for a short time Hi, all the scans are now finished and I am posting the results. Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fd77b5f4d486594f8a65b49d895cba53
# end=init
# utc_time=2015-12-23 01:07:00
# local_time=2015-12-23 02:07:00 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27333
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=fd77b5f4d486594f8a65b49d895cba53
# engine=27333
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-24 12:21:18
# local_time=2015-12-24 01:21:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 19197569 122210100 0 0
# scanned=538506
# found=13
# cleaned=0
# scan_time=40073
sh=5B5EA2F5CEC496F99D245A68C884C09F5849E037 ft=1 fh=038fab3ea954bf64 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klaus\AppData\Local\Temp\DMR\dmr_72.exe"
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klaus\AppData\Roaming\LL"
sh=F346D91A2E5F5FBEFF8F19023463F079E6E89B7A ft=0 fh=0000000000000000 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klaus\Videos\streamtransport_1.1.6.2.zip"
sh=075478ED256C74207FB1540F41BE4934B47D549B ft=1 fh=5a1a58d6a5023955 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klaus\Videos\streamtransport_1.1.6.2\streamtransport_chrome_setup1.1.6.2.exe"
sh=E18B5242B0C893DF09E34A9E89DE551503F31591 ft=1 fh=5a1a58d6d884f372 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Klaus\Videos\streamtransport_1.1.6.2\Streamtransport IE10\streamtransport_setup.exe"
sh=DD8D791EF618CF7E811163BD85712B508835F16B ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Linkury.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\280e0b43.msi"
sh=70E8C969380B407C729D004E4253284D1F11632A ft=1 fh=f5c773b3297abd44 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\DVD-01-16-2\pcwsoft\PDFCreator-2_2_1-setup.exe"
sh=BAEE048951A7B499B47435840478CC63341A3953 ft=1 fh=d79d2151179576d8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Dateien\Downloads\ChanSort - CHIP-Installer(1).exe"
sh=AD5E11BEF8A8E07B2A052DDD4822C5FFA0C3218D ft=1 fh=be5fe0e7d2bf47c1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Dateien\Downloads\HijackThis - CHIP-Installer.exe"
sh=3087FA922C37388720FB36B70D3FF341FEDA75CD ft=1 fh=5596e3b83bc25dd1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Dateien\Downloads\EXE\ChanSort - CHIP-Installer.exe"
sh=AF72899A06423720C7DFC23D0C4E8EB23712395B ft=1 fh=e76399ed57a66a65 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Dateien\Downloads\EXE\StreamTransport - CHIP-Installer.exe"
sh=6CADEEB22F81E4E1998818AE79A7035E7CF515ED ft=1 fh=40b4dde60fbd4a13 vn="Win32/Toolbar.Conduit.AE evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Dateien\Downloads\EXE\XMediaRecode3148_setup.exe"
sh=6A1B8BD71D38104FDBC782308156775433D378E8 ft=1 fh=100a0dc67752f66f vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Dateien\Downloads\EXE\YTD43Setup.exe"

FRST Logfile: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Klaus (Administrator) auf LAPTOP (24-12-2015 07:26:21)
Gestartet von D:\Eigene Dateien\Downloads
Geladene Profile: Klaus & (Verfügbare Profile: Klaus & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Avira Operations GmbH & Co.
KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE (Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-22] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare) HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC) HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1533728 2015-04-01] (Seagate Technology LLC) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.) 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-04-01] (Seagate Technology LLC) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-03] (Dropbox, Inc.) 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253972-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253975-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c560a-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c565c-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c5669-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37df-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37e2-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {33076d6f-7684-11e0-bf62-c0cb38ed7878} - G:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {3d594572-764b-11e0-8882-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf66f-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf673-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf691-dc66-11e0-9790-c0cb38ed7878} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a30-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a32-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a34-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {74216253-762f-11e0-8c5d-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71d2-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71fe-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a7203-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {81792775-80d0-11e3-86d7-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {88700e5d-dc64-11e0-969c-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {a9891bf7-44f0-11e1-83c9-544249ea3c02} - G:\wickie1.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72368-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72386-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72389-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b40b3954-8139-11e3-832f-806e6f6e6963} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {cbea623c-72ef-11e0-ae40-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc82212d-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc822147-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.) 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-04-01] (Seagate Technology LLC) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-03] (Dropbox, Inc.) 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {17253972-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {17253975-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {278c560a-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {278c565c-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {278c5669-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2d2d37df-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2d2d37e2-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {33076d6f-7684-11e0-bf62-c0cb38ed7878} - G:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3d594572-764b-11e0-8882-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5bbcf66f-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5bbcf673-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5bbcf691-dc66-11e0-9790-c0cb38ed7878} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {738e9a30-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {738e9a32-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {738e9a34-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {74216253-762f-11e0-8c5d-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7c9a71d2-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7c9a71fe-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7c9a7203-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {81792775-80d0-11e3-86d7-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {88700e5d-dc64-11e0-969c-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a9891bf7-44f0-11e1-83c9-544249ea3c02} - G:\wickie1.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b2c72368-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b2c72386-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b2c72389-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b40b3954-8139-11e3-832f-806e6f6e6963} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cbea623c-72ef-11e0-ae40-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {dc82212d-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {dc822147-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.) 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-04-01] (Seagate Technology LLC) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-03] (Dropbox, Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {17253972-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {17253975-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {278c560a-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {278c565c-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {278c5669-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: 
{2d2d37df-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {2d2d37e2-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {33076d6f-7684-11e0-bf62-c0cb38ed7878} - G:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {3d594572-764b-11e0-8882-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {5bbcf66f-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {5bbcf673-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {5bbcf691-dc66-11e0-9790-c0cb38ed7878} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {738e9a30-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {738e9a32-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {738e9a34-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {74216253-762f-11e0-8c5d-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {7c9a71d2-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: 
{7c9a71fe-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {7c9a7203-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {81792775-80d0-11e3-86d7-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {88700e5d-dc64-11e0-969c-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {a9891bf7-44f0-11e1-83c9-544249ea3c02} - G:\wickie1.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {b2c72368-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {b2c72386-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {b2c72389-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {b40b3954-8139-11e3-832f-806e6f6e6963} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {cbea623c-72ef-11e0-ae40-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {dc82212d-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {dc822147-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => 
C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-07-29] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-02-03] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011-05-14] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] () Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12] ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2012-12-18] ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.) Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2015-04-03] ShortcutTarget: Mediencenter.lnk -> C:\Users\Klaus\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Keine Datei) BootExecute: autocheck autochk * ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{27100D96-1E72-4C4E-BDC0-82EFB7D67E71}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [NameServer] 192.168.2.1
Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.de
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.de
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.de
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-02-03] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-02-03] (LastPass)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll [2013-12-23] (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3074472845-1740885614-3036682275-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-sxpdf.dll [2011-05-14] (soft Xpansion)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-28] (Apple Inc.)
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\ask-search.xml [2015-12-22]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\engine-thecoolestmovies.xml [2015-10-01]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\metager.xml [2015-12-07]
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\mintrayr@tn123.ath.cx [2015-05-31]
FF Extension: LastPass - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\support@lastpass.com [2015-12-19]
FF Extension: iCloud Bookmarks - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\Extensions\firefoxdav@icloud.com [2015-10-29]
FF HKLM-x32\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com => nicht gefunden

Chrome:
=======
CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Klaus\AppData\Local\Temp\crx304D.tmp <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [NGNJHFPFHADNCGAFGBNEELJAGINIMMMK] - C:\Users\Klaus\AppData\Local\Temp\tbch.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-22] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-22] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
S2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80448 2012-07-18] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-02-13] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157992 2015-04-01] (Seagate Technology LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [Datei ist nicht signiert]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-22] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [119296 2008-01-22] (Huawei Technologies Co., Ltd.)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [Datei ist nicht signiert]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-01] ()
S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-02-10] () [Datei ist nicht signiert]
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [223256 2011-04-19] (H+H Software GmbH)
U3 DfSdkS; kein ImagePath
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
U1 TTNFD; system32\drivers\ttnfd.sys [X]
S4 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-23 14:06 - 2015-12-23 14:06 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-22 23:05 - 2015-12-22 23:05 - 00000000 ____D C:\ProgramData\Browser Manager
2015-12-22 23:05 - 2015-12-22 23:05 - 00000000 ____D C:\ProgramData\APN
2015-12-22 12:33 - 2015-12-22 13:08 - 00000000 ____D C:\AdwCleaner
2015-12-21 18:05 - 2015-12-21 18:05 - 00001057 _____ C:\Users\Klaus\ADWCleaner.txt
2015-12-21 15:57 - 2015-12-21 15:57 - 00243941 _____ C:\Users\Klaus\TDSSKiller-Report1.txt
2015-12-21 14:51 - 2015-12-21 15:59 - 00487972 _____ C:\TDSSKiller.3.1.0.9_21.12.2015_14.51.38_log.txt
2015-12-21 13:06 - 2015-12-24 07:26 - 00000000 ____D C:\FRST
2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Windows Live Writer
2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live Writer
2015-12-14 19:03 - 2015-12-14 19:03 - 00003561 _____ C:\Users\Klaus\AppData\LocalLow\lpm.dat
2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\Program Files (x86)\Nero
2015-12-12 13:45 - 2015-12-18 08:05 - 00001104 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-12 08:58 - 2015-12-12 08:58 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 14:58 - 2015-12-09 14:58 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-09 12:27 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 12:27 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 12:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 12:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 12:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 12:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 12:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 12:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 12:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 12:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 12:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 12:26 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 12:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 12:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 12:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 12:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 12:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 12:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 12:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 12:25 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 12:25 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 12:25 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 12:25 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 12:25 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 12:25 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 12:25 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 12:25 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 12:25 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 12:25 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 12:25 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 12:25 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 12:25 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 12:25 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 12:25 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 12:25 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 12:25 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 12:25 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 12:25 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 12:25 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 12:25 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 12:25 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 12:25 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 12:25 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 12:25 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 12:25 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 12:25 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 12:25 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 12:25 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 12:25 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 12:25 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 12:25 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 12:25 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 12:25 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 12:25 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 12:25 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 12:25 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 12:25 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 12:25 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 12:25 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 12:25 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 12:25 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 12:25 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 12:25 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 12:25 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 12:25 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 12:25 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 12:25 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 12:25 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 12:25 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 12:25 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 12:25 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 12:25 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 12:25 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 12:25 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 12:25 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 12:25 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 12:25 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 12:25 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 12:25 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 12:25 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 12:25 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 12:25 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 12:25 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 12:21 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 12:21 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PasswordTools
2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\Program Files (x86)\PasswordTools
2015-12-03 11:20 - 2015-12-24 07:25 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA.job
2015-12-03 11:20 - 2015-12-23 11:44 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core.job
2015-12-03 11:20 - 2015-12-03 11:20 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA
2015-12-03 11:20 - 2015-12-03 11:20 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core
2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox
2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\ProgramData\Dropbox
2015-11-30 14:53 - 2015-11-30 14:53 - 00000000 __SHD C:\$360Section
2015-11-30 14:31 - 2015-12-13 16:55 - 00000000 ____D C:\ProgramData\360Quarant
2015-11-30 14:27 - 2015-12-21 22:31 - 00000000 ____D C:\360SANDBOX
2015-11-30 14:26 - 2015-12-21 22:37 - 00000000 ____D C:\Program Files (x86)\360
2015-11-29 17:50 - 2015-11-29 17:50 - 00000696 _____ C:\Users\Klaus\Desktop\TTCamera Max.LNK
2015-11-26 13:21 - 2015-11-26 13:21 - 00314592 _____ C:\Windows\Minidump\112615-114364-01.dmp

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-24 06:58 - 2012-11-22 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-24 06:29 - 2014-10-14 08:17 - 00001330 _____ C:\Windows\Tasks\LL.job
2015-12-24 06:28 - 2014-03-17 19:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-24 05:59 - 2014-10-14 08:17 - 00001338 _____ C:\Windows\Tasks\CWSLOE.job
2015-12-24 02:46 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-24 02:46 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-23 17:42 - 2014-02-01 11:29 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\LastPass
2015-12-23 11:50 - 2014-03-17 19:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 23:08 - 2014-09-09 08:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-22 23:02 - 2015-06-21 13:57 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\NirSoft Utilities
2015-12-22 13:14 - 2015-05-10 17:17 - 00000000 ___RD C:\Users\Klaus\Dropbox
2015-12-22 13:14 - 2015-05-10 17:13 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox
2015-12-22 13:14 - 2013-04-02 10:20 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-12-22 13:13 - 2015-10-29 16:12 - 00000000 ___RD C:\Users\Klaus\iCloudDrive
2015-12-22 13:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-22 13:09 - 2015-08-08 17:39 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-22 13:08 - 2014-10-14 08:14 - 00001049 _____ C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-12-22 13:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-22 12:37 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-22 12:32 - 2015-06-26 11:40 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-22 12:32 - 2015-06-26 11:40 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-22 12:32 - 2015-06-26 11:40 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-21 22:37 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-21 22:32 - 2014-09-09 08:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-12-21 22:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2015-12-21 18:05 - 2011-01-26 11:02 - 00000000 ____D C:\Users\Klaus
2015-12-21 16:13 - 2014-09-09 08:21 - 00001072 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-21 16:13 - 2014-09-09 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-21 15:52 - 2011-05-22 13:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\vlc
2015-12-20 17:54 - 2013-01-09 09:04 - 00078336 _____ C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\Program Files (x86)\Wondershare
2015-12-20 15:53 - 2013-07-09 13:09 - 00000000 ____D C:\Users\fbwuser
2015-12-19 12:34 - 2010-07-29 22:06 - 14473604 _____
C:\Windows\system32\perfh007.dat 2015-12-19 12:34 - 2010-07-29 22:06 - 04638436 _____ C:\Windows\system32\perfc007.dat 2015-12-19 12:34 - 2009-07-14 06:13 - 00006752 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-19 08:28 - 2015-03-06 07:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-18 23:00 - 2011-10-17 12:39 - 00000000 ____D C:\Users\Klaus\AppData\Local\CrashDumps 2015-12-18 14:58 - 2011-11-06 16:58 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live 2015-12-13 16:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2015-12-12 11:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-12-12 08:13 - 2011-09-20 20:09 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\dvdcss 2015-12-10 10:23 - 2014-02-20 08:01 - 00561944 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-10 10:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-12-10 09:03 - 2011-01-26 19:09 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-10 08:59 - 2012-05-17 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-10 08:47 - 2013-07-14 19:12 - 00000000 ____D C:\Windows\system32\MRT 2015-12-10 08:17 - 2011-01-26 19:16 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-09 14:59 - 2012-11-22 19:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-09 14:59 - 2012-04-06 10:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-09 14:59 - 2011-05-13 10:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-09 04:39 - 2011-03-20 15:10 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-08 13:49 - 2012-12-02 10:58 - 00000000 ____D 
C:\ProgramData\TEMP 2015-12-07 16:24 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-12-04 08:23 - 2014-03-17 19:15 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-04 08:23 - 2014-03-17 19:15 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-02 14:42 - 2011-10-24 19:13 - 00000000 ____D C:\Users\Klaus\AppData\Local\Pinnacle 2015-12-02 14:42 - 2011-10-24 19:12 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI 2015-12-01 12:29 - 2011-01-26 11:08 - 00000000 ____D C:\Windows\pss 2015-11-30 18:35 - 2011-01-26 11:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\GHISLER 2015-11-27 19:01 - 2015-10-29 16:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-27 11:52 - 2012-12-21 23:22 - 00000000 ____D C:\Users\Klaus\Documents\Ahnenblatt 2015-11-27 11:46 - 2012-02-06 14:15 - 00000000 ____D C:\fertige Videos 2015-11-26 16:46 - 2013-11-20 18:49 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\AnvSoft 2015-11-26 13:21 - 2011-08-10 10:11 - 00000000 ____D C:\Windows\Minidump 2015-11-24 10:37 - 2015-02-04 19:03 - 00000000 ____D C:\Users\Klaus\.mediathek3 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-03-14 18:27 - 2001-09-19 10:27 - 0502272 _____ () C:\Program Files (x86)\Cascade.exe 2011-10-09 10:48 - 1997-07-19 15:55 - 1347344 _____ (Microsoft Corporation) C:\Program Files (x86)\Msvbvm50.dll 2014-02-03 16:15 - 2003-03-21 12:45 - 0250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx 2014-02-03 20:45 - 2014-02-03 20:45 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe 2012-07-08 17:15 - 2012-07-10 18:30 - 0000048 _____ () C:\Users\Klaus\AppData\Roaming\AcroIEHelpe.txt 2012-07-08 17:15 - 2012-07-10 18:30 - 0000051 _____ () C:\Users\Klaus\AppData\Roaming\blckdom.res 2012-12-16 11:28 - 2012-12-16 11:28 - 0006144 _____ () 
C:\Users\Klaus\AppData\Roaming\com.apple.antiphishing.db 2013-09-28 16:26 - 2013-10-02 19:35 - 0000000 _____ () C:\Users\Klaus\AppData\Roaming\forms.def 2011-10-03 16:11 - 2011-10-03 16:32 - 0099384 _____ () C:\Users\Klaus\AppData\Roaming\inst.exe 2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Klaus\AppData\Roaming\LL 2011-09-28 20:19 - 2011-09-28 20:19 - 0000098 _____ () C:\Users\Klaus\AppData\Roaming\MPUI.ini 2011-10-03 16:11 - 2011-10-03 16:32 - 0007859 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.cat 2011-10-03 16:11 - 2011-10-03 16:32 - 0001167 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.inf 2011-10-03 16:12 - 2011-10-03 16:32 - 0000055 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.log 2011-10-03 16:11 - 2011-10-03 16:32 - 0082816 _____ (VSO Software) C:\Users\Klaus\AppData\Roaming\pcouffin.sys 2012-07-08 17:15 - 2012-07-08 17:15 - 0000264 _____ () C:\Users\Klaus\AppData\Roaming\srvblck5.tmp 2012-07-10 10:28 - 2012-07-10 10:28 - 0000011 _____ () C:\Users\Klaus\AppData\Roaming\urhtps.dat 2011-10-03 16:13 - 2011-10-03 16:32 - 0001057 _____ () C:\Users\Klaus\AppData\Roaming\vso_ts_preview.xml 2014-02-23 16:41 - 2014-09-09 08:05 - 0000091 _____ () C:\Users\Klaus\AppData\Roaming\WB.CFG 2013-01-09 09:04 - 2015-12-20 17:54 - 0078336 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-02-12 16:01 - 2014-02-12 16:01 - 0000173 _____ () C:\Users\Klaus\AppData\Local\msmathematics.qat.Klaus 2013-09-25 15:48 - 2013-09-25 15:48 - 0002088 _____ () C:\Users\Klaus\AppData\Local\recently-used.xbel 2013-09-03 16:24 - 2015-10-04 17:01 - 0007598 _____ () C:\Users\Klaus\AppData\Local\Resmon.ResmonCfg 2012-10-02 11:37 - 2012-10-05 14:46 - 0000041 ___SH () C:\ProgramData\.zreglib 2013-01-07 13:00 - 2013-01-07 13:00 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-07-10 18:59 - 2012-07-10 18:59 - 0000051 _____ () C:\ProgramData\clsilllgbrakunr 2011-02-16 20:14 - 2011-02-16 20:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 
2012-10-01 20:34 - 2012-10-03 12:32 - 0001834 _____ () C:\ProgramData\flcd_proxy.log 2012-01-29 13:32 - 2012-01-29 13:32 - 0005081 _____ () C:\ProgramData\hnbdehzc.pfe 2011-10-07 16:54 - 2011-10-07 17:32 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Klaus\jobq.dat C:\Users\Klaus\netzlw.vbs C:\Users\Klaus\time1.bat C:\Users\Klaus\vbaconv.bat Einige Dateien in TEMP: ==================== C:\Users\Klaus\AppData\Local\Temp\-bfjpesr.dll C:\Users\Klaus\AppData\Local\Temp\avgnt.exe C:\Users\Klaus\AppData\Local\Temp\ctmyh-q6.dll C:\Users\Klaus\AppData\Local\Temp\DivXSetup.exe C:\Users\Klaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvlefog.dll C:\Users\Klaus\AppData\Local\Temp\GLF2767.EXE C:\Users\Klaus\AppData\Local\Temp\GLF3E32.EXE C:\Users\Klaus\AppData\Local\Temp\GLF5C66.EXE C:\Users\Klaus\AppData\Local\Temp\GLF6878.EXE C:\Users\Klaus\AppData\Local\Temp\HOST17152.exe C:\Users\Klaus\AppData\Local\Temp\ikryuqe5.dll C:\Users\Klaus\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Klaus\AppData\Local\Temp\ls3grcji.dll C:\Users\Klaus\AppData\Local\Temp\pf3lfiun.dll C:\Users\Klaus\AppData\Local\Temp\sqlite3.dll C:\Users\Klaus\AppData\Local\Temp\tmd_34019176.exe C:\Users\Klaus\AppData\Local\Temp\uninstall.exe C:\Users\Klaus\AppData\Local\Temp\v9o1xnos.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-12 11:01
==================== Ende von FRST.txt ============================
Best regards, Klaus
Hello Dennis, I wish you and all the other helpers a merry Christmas. Best wishes, Klaus |
24.12.2015, 12:38 | #23 |
/// Malwareteam | Cursor freezes for a short time
Hi, thanks, I wish you the same, of course.
Step # 1: FRST fix
Please press the Windows key + R and type notepad into the Run window.
Now copy the following text from the code box into the empty text document
Code:
ATTFilter
C:\Users\Klaus\AppData\Roaming\LL
C:\Users\Klaus\Videos\streamtransport_1.1.6.2.zip
C:\Users\Klaus\Videos\streamtransport_1.1.6.2\streamtransport_chrome_setup1.1.6.2.exe
C:\Users\Klaus\Videos\streamtransport_1.1.6.2\Streamtransport IE10\streamtransport_setup.exe
C:\Windows\Installer\280e0b43.msi
D:\DVD-01-16-2\pcwsoft\PDFCreator-2_2_1-setup.exe
D:\Eigene Dateien\Downloads\ChanSort - CHIP-Installer(1).exe
D:\Eigene Dateien\Downloads\HijackThis - CHIP-Installer.exe
D:\Eigene Dateien\Downloads\EXE\ChanSort - CHIP-Installer.exe
D:\Eigene Dateien\Downloads\EXE\StreamTransport - CHIP-Installer.exe
D:\Eigene Dateien\Downloads\EXE\XMediaRecode3148_setup.exe
D:\Eigene Dateien\Downloads\EXE\YTD43Setup.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Klaus\AppData\Local\Temp\crx304D.tmp <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [NGNJHFPFHADNCGAFGBNEELJAGINIMMMK] - C:\Users\Klaus\AppData\Local\Temp\tbch.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx <nicht gefunden>
2015-12-22 23:05 - 2015-12-22 23:05 - 00000000 ____D C:\ProgramData\Browser Manager
2015-12-22 23:05 - 2015-12-22 23:05 - 00000000 ____D C:\ProgramData\APN
2015-12-24 06:29 - 2014-10-14 08:17 - 00001330 _____ C:\Windows\Tasks\LL.job
EmptyTemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step # 2: FRST
Please post a fresh FRST log, with Additions.txt ticked.
Step # 3: Question
Does the problem still occur?
Step # 4: Please post
|
24.12.2015, 14:02 | #24 |
| Cursor freezes for a short time Hi, here is the fixlog.txt Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Klaus (2015-12-24 13:29:23) Run:1
Gestartet von D:\Eigene Dateien\Downloads
Geladene Profile: Klaus (Verfügbare Profile: Klaus & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Klaus\AppData\Roaming\LL
C:\Users\Klaus\Videos\streamtransport_1.1.6.2.zip
C:\Users\Klaus\Videos\streamtransport_1.1.6.2\streamtransport_chrome_setup1.1.6.2.exe
C:\Users\Klaus\Videos\streamtransport_1.1.6.2\Streamtransport IE10\streamtransport_setup.exe
C:\Windows\Installer\280e0b43.msi
D:\DVD-01-16-2\pcwsoft\PDFCreator-2_2_1-setup.exe
D:\Eigene Dateien\Downloads\ChanSort - CHIP-Installer(1).exe
D:\Eigene Dateien\Downloads\HijackThis - CHIP-Installer.exe
D:\Eigene Dateien\Downloads\EXE\ChanSort - CHIP-Installer.exe
D:\Eigene Dateien\Downloads\EXE\StreamTransport - CHIP-Installer.exe
D:\Eigene Dateien\Downloads\EXE\XMediaRecode3148_setup.exe
D:\Eigene Dateien\Downloads\EXE\YTD43Setup.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO-x32: Kein Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Klaus\AppData\Local\Temp\crx304D.tmp <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [NGNJHFPFHADNCGAFGBNEELJAGINIMMMK] - C:\Users\Klaus\AppData\Local\Temp\tbch.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx <nicht gefunden>
2015-12-22 23:05 - 2015-12-22 23:05 - 00000000 ____D C:\ProgramData\Browser Manager
2015-12-22 23:05 - 2015-12-22 23:05 - 00000000 ____D C:\ProgramData\APN
2015-12-24 06:29 - 2014-10-14 08:17 - 00001330 _____ C:\Windows\Tasks\LL.job
EmptyTemp:
*****************
C:\Users\Klaus\AppData\Roaming\LL => erfolgreich verschoben
C:\Users\Klaus\Videos\streamtransport_1.1.6.2.zip => erfolgreich verschoben
C:\Users\Klaus\Videos\streamtransport_1.1.6.2\streamtransport_chrome_setup1.1.6.2.exe => erfolgreich verschoben
C:\Users\Klaus\Videos\streamtransport_1.1.6.2\Streamtransport IE10\streamtransport_setup.exe => erfolgreich verschoben
C:\Windows\Installer\280e0b43.msi => erfolgreich verschoben
"D:\DVD-01-16-2\pcwsoft\PDFCreator-2_2_1-setup.exe" => nicht gefunden.
D:\Eigene Dateien\Downloads\ChanSort - CHIP-Installer(1).exe => erfolgreich verschoben
D:\Eigene Dateien\Downloads\HijackThis - CHIP-Installer.exe => erfolgreich verschoben
D:\Eigene Dateien\Downloads\EXE\ChanSort - CHIP-Installer.exe => erfolgreich verschoben
D:\Eigene Dateien\Downloads\EXE\StreamTransport - CHIP-Installer.exe => erfolgreich verschoben
D:\Eigene Dateien\Downloads\EXE\XMediaRecode3148_setup.exe => erfolgreich verschoben
D:\Eigene Dateien\Downloads\EXE\YTD43Setup.exe => erfolgreich verschoben
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel nicht gefunden.
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B69F34DD-F0F9-42DC-9EDD-957187DA688D}" => Schlüssel erfolgreich entfernt
HKCR\Wow6432Node\CLSID\{B69F34DD-F0F9-42DC-9EDD-957187DA688D} => Schlüssel nicht gefunden.
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Wert erfolgreich entfernt
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Schlüssel nicht gefunden.
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Wert erfolgreich entfernt
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Schlüssel nicht gefunden.
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Wert nicht gefunden.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Schlüssel nicht gefunden.
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Wert nicht gefunden.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Schlüssel nicht gefunden.
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Wert nicht gefunden.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Schlüssel nicht gefunden.
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Wert nicht gefunden.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001-{{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\NGNJHFPFHADNCGAFGBNEELJAGINIMMMK" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph" => Schlüssel erfolgreich entfernt
C:\ProgramData\Browser Manager => erfolgreich verschoben
C:\ProgramData\APN => erfolgreich verschoben
C:\Windows\Tasks\LL.job => erfolgreich verschoben
EmptyTemp: => 989.1 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 13:31:05 ====
FRST Logfile: Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Klaus (Administrator) auf LAPTOP (24-12-2015 13:51:06)
Gestartet von D:\Eigene Dateien\Downloads
Geladene Profile: Klaus (Verfügbare Profile: Klaus & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861640 2015-06-26] (DivX, LLC)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-06-24] (DivX, LLC)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare)
HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1533728 2015-04-01] (Seagate Technology LLC)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [739936 2012-11-27] (Sony Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127304 2015-04-01] (Seagate Technology LLC) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-12-03] (Dropbox, Inc.) HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253972-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {17253975-82ed-11e1-83f5-544249ea3c02} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c560a-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c565c-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {278c5669-7634-11e0-bbeb-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37df-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {2d2d37e2-7e83-11e3-acae-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {33076d6f-7684-11e0-bf62-c0cb38ed7878} - G:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {3d594572-764b-11e0-8882-c0cb38ed7878} - F:\AutoRun.exe 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf66f-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf673-dc66-11e0-9790-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {5bbcf691-dc66-11e0-9790-c0cb38ed7878} - H:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a30-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a32-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {738e9a34-a504-11e1-a645-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {74216253-762f-11e0-8c5d-806e6f6e6963} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71d2-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a71fe-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {7c9a7203-faa1-11e1-9985-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {81792775-80d0-11e3-86d7-544249ea3c02} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {88700e5d-dc64-11e0-969c-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {a9891bf7-44f0-11e1-83c9-544249ea3c02} - G:\wickie1.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72368-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72386-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b2c72389-76e8-11e0-85b2-544249ea3c02} - F:\AutoRun.exe 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {b40b3954-8139-11e3-832f-806e6f6e6963} - I:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {cbea623c-72ef-11e0-ae40-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc82212d-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\MountPoints2: {dc822147-9b8e-11e1-a8d7-c0cb38ed7878} - F:\AutoRun.exe ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-07-29]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-02-03]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011-05-14]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-08-30] ()
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2012-12-18]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2015-04-03]
ShortcutTarget: Mediencenter.lnk -> C:\Users\Klaus\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Keine Datei)
BootExecute: autocheck autochk *

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{27100D96-1E72-4C4E-BDC0-82EFB7D67E71}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [NameServer] 192.168.2.1
Tcpip\..\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.google.de
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898 FF Homepage: hxxp://www.google.de/ FF Plugin: 
@adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-02-03] (LastPass) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) 
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-06-29] (DivX, LLC) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-02-03] (LastPass) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll [2013-12-23] (soft-Xpansion) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.) 
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3074472845-1740885614-3036682275-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Keine Datei] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-sxpdf.dll [2011-05-14] (soft Xpansion) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-28] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-28] (Apple Inc.) 
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\ask-search.xml [2015-12-22]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\engine-thecoolestmovies.xml [2015-10-01]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\searchplugins\metager.xml [2015-12-07]
FF Extension: MinimizeToTray revived (MinTrayR) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\mintrayr@tn123.ath.cx [2015-05-31]
FF Extension: LastPass - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\support@lastpass.com [2015-12-19]
FF Extension: iCloud Bookmarks - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\Extensions\firefoxdav@icloud.com [2015-10-29]
FF HKLM-x32\...\Firefox\Extensions: [ext@flash-Enhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com => nicht gefunden

Chrome:
=======
CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-22] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-22] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Datei ist nicht signiert]
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert] R2 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [80448 2012-07-18] (Microsoft Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-02-13] (Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157992 2015-04-01] (Seagate Technology LLC) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia) S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.) 
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [413336 2015-08-26] ()
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [Datei ist nicht signiert]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-22] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [119296 2008-01-22] (Huawei Technologies Co., Ltd.)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-04] (Microsoft Corporation)
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [Datei ist nicht signiert]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-01] ()
S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-02-10] () [Datei ist nicht signiert]
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [223256 2011-04-19] (H+H Software GmbH)
U3 DfSdkS; kein ImagePath
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S1 TTNFD; system32\drivers\ttnfd.sys [X]
S4 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-22 12:33 - 2015-12-22 13:08 - 00000000 ____D C:\AdwCleaner
2015-12-21 18:05 - 2015-12-21 18:05 - 00001057 _____ C:\Users\Klaus\ADWCleaner.txt
2015-12-21 15:57 - 2015-12-21 15:57 - 00243941 _____ C:\Users\Klaus\TDSSKiller-Report1.txt
2015-12-21 14:51 - 2015-12-21 15:59 - 00487972 _____ C:\TDSSKiller.3.1.0.9_21.12.2015_14.51.38_log.txt
2015-12-21 13:06 - 2015-12-24 13:51 - 00000000 ____D C:\FRST
2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Windows Live Writer
2015-12-18 14:59 - 2015-12-18 14:59 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live Writer
2015-12-14 19:03 - 2015-12-14 19:03 - 00003561 _____ C:\Users\Klaus\AppData\LocalLow\lpm.dat
2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-12-13 17:12 - 2015-12-13 17:12 - 00000000 ____D C:\Program Files (x86)\Nero
2015-12-12 13:45 - 2015-12-18 08:05 - 00001104 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-12-12 08:58 - 2015-12-12 08:58 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 14:58 - 2015-12-09 14:58 - 09498816 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-09 12:27 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 12:27 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 12:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation)
C:\Windows\system32\wuapi.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-09 12:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-09 12:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-12-09 12:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-09 12:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-12-09 12:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-09 12:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-09 12:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-09 12:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-09 12:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-09 12:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-09 
12:26 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-09 12:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-09 12:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-09 12:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-09 12:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-09 12:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-09 12:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-09 12:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-09 12:25 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-09 12:25 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-09 12:25 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-09 12:25 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-09 12:25 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-09 12:25 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-09 12:25 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-09 12:25 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-09 12:25 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-09 12:25 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-09 12:25 - 2015-11-10 01:13 - 00496640 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-09 12:25 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-09 12:25 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-09 12:25 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-09 12:25 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-09 12:25 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-09 12:25 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-09 12:25 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-09 12:25 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-09 12:25 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-09 12:25 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-09 12:25 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-12-09 12:25 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-09 12:25 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-09 12:25 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-09 12:25 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-09 12:25 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-09 12:25 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-09 12:25 - 2015-11-10 00:36 - 00687104 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-09 12:25 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-09 12:25 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-09 12:25 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-09 12:25 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-09 12:25 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-09 12:25 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-09 12:25 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-09 12:25 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-09 12:25 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-09 12:25 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-09 12:25 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-12-09 12:25 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-09 12:25 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-09 12:25 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-09 12:25 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-09 12:25 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-09 12:25 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-09 12:25 - 2015-11-08 23:01 - 00814080 _____ (Microsoft 
Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-09 12:25 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-09 12:25 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-09 12:25 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-09 12:25 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-09 12:25 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-09 12:25 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-09 12:25 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-09 12:25 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-09 12:25 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-09 12:25 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-09 12:25 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-09 12:25 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-09 12:25 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-09 12:25 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-09 12:25 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-09 12:25 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-09 12:25 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-09 12:21 - 2015-11-03 20:04 - 00241664 
_____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-09 12:21 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PasswordTools 2015-12-07 15:00 - 2015-12-07 15:00 - 00000000 ____D C:\Program Files (x86)\PasswordTools 2015-12-03 11:20 - 2015-12-24 13:25 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA.job 2015-12-03 11:20 - 2015-12-24 11:25 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core.job 2015-12-03 11:20 - 2015-12-03 11:20 - 00004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA 2015-12-03 11:20 - 2015-12-03 11:20 - 00003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core 2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox 2015-12-03 11:20 - 2015-12-03 11:20 - 00000000 ____D C:\ProgramData\Dropbox 2015-11-30 14:31 - 2015-12-13 16:55 - 00000000 ____D C:\ProgramData\360Quarant 2015-11-30 14:26 - 2015-12-21 22:37 - 00000000 ____D C:\Program Files (x86)\360 2015-11-29 17:50 - 2015-11-29 17:50 - 00000696 _____ C:\Users\Klaus\Desktop\TTCamera Max.LNK 2015-11-26 13:21 - 2015-11-26 13:21 - 00314592 _____ C:\Windows\Minidump\112615-114364-01.dmp ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-12-24 13:46 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-24 13:46 - 2009-07-14 05:45 - 00022704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-24 13:40 - 2014-02-01 11:29 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\LastPass 2015-12-24 13:39 - 2015-05-10 17:17 - 00000000 ___RD C:\Users\Klaus\Dropbox 2015-12-24 13:39 - 2015-05-10 17:13 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox 2015-12-24 13:38 - 2015-10-29 16:12 - 00000000 ___RD C:\Users\Klaus\iCloudDrive 2015-12-24 13:37 - 2014-03-17 19:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-24 13:36 - 2013-04-02 10:20 - 00000433 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-12-24 13:35 - 2014-10-14 08:17 - 00001338 _____ C:\Windows\Tasks\CWSLOE.job 2015-12-24 13:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-24 13:30 - 2011-07-21 12:13 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\Temp 2015-12-24 13:29 - 2014-03-17 19:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-24 12:58 - 2012-11-22 19:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-24 08:26 - 2015-03-06 07:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-22 23:08 - 2014-09-09 08:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-22 23:02 - 2015-06-21 13:57 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\NirSoft Utilities 2015-12-22 13:09 - 2015-08-08 17:39 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-12-22 13:08 - 2014-10-14 08:14 - 00001049 _____ C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2015-12-22 13:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-22 12:37 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-22 
12:32 - 2015-06-26 11:40 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-12-22 12:32 - 2015-06-26 11:40 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-12-22 12:32 - 2015-06-26 11:40 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-12-21 22:37 - 2015-06-26 11:35 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-21 22:32 - 2014-09-09 08:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-21 22:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2015-12-21 18:05 - 2011-01-26 11:02 - 00000000 ____D C:\Users\Klaus 2015-12-21 16:13 - 2014-09-09 08:21 - 00001072 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-12-21 16:13 - 2014-09-09 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-21 15:52 - 2011-05-22 13:30 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\vlc 2015-12-20 17:54 - 2013-01-09 09:04 - 00078336 _____ C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2015-12-20 16:48 - 2013-05-28 14:53 - 00000000 ____D C:\Program Files (x86)\Wondershare 2015-12-20 15:53 - 2013-07-09 13:09 - 00000000 ____D C:\Users\fbwuser 2015-12-19 12:34 - 2010-07-29 22:06 - 14473604 _____ C:\Windows\system32\perfh007.dat 2015-12-19 12:34 - 2010-07-29 22:06 - 04638436 _____ C:\Windows\system32\perfc007.dat 2015-12-19 12:34 - 2009-07-14 06:13 - 00006752 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-18 23:00 - 2011-10-17 12:39 - 00000000 ____D C:\Users\Klaus\AppData\Local\CrashDumps 2015-12-18 14:58 - 2011-11-06 16:58 - 00000000 ____D C:\Users\Klaus\AppData\Local\Windows Live 2015-12-13 16:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2015-12-12 11:20 - 2009-07-14 04:20 - 00000000 
____D C:\Windows\rescache 2015-12-12 08:13 - 2011-09-20 20:09 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\dvdcss 2015-12-10 10:23 - 2014-02-20 08:01 - 00561944 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-10 10:20 - 2012-05-17 02:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-10 10:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-12-10 09:03 - 2011-01-26 19:09 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-10 08:59 - 2012-05-17 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-10 08:47 - 2013-07-14 19:12 - 00000000 ____D C:\Windows\system32\MRT 2015-12-10 08:17 - 2011-01-26 19:16 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-09 14:59 - 2012-11-22 19:43 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-09 14:59 - 2012-04-06 10:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-09 14:59 - 2011-05-13 10:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-09 04:39 - 2011-03-20 15:10 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-08 13:49 - 2012-12-02 10:58 - 00000000 ____D C:\ProgramData\TEMP 2015-12-07 16:24 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-12-04 08:23 - 2014-03-17 19:15 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-04 08:23 - 2014-03-17 19:15 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-02 14:42 - 2011-10-24 19:13 - 00000000 ____D C:\Users\Klaus\AppData\Local\Pinnacle 2015-12-02 14:42 - 2011-10-24 19:12 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI 2015-12-01 12:29 - 2011-01-26 11:08 - 00000000 ____D C:\Windows\pss 2015-11-30 18:35 - 2011-01-26 11:30 - 00000000 ____D 
C:\Users\Klaus\AppData\Roaming\GHISLER 2015-11-27 19:01 - 2015-10-29 16:24 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-27 11:52 - 2012-12-21 23:22 - 00000000 ____D C:\Users\Klaus\Documents\Ahnenblatt 2015-11-27 11:46 - 2012-02-06 14:15 - 00000000 ____D C:\fertige Videos 2015-11-26 16:46 - 2013-11-20 18:49 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\AnvSoft 2015-11-26 13:21 - 2011-08-10 10:11 - 00000000 ____D C:\Windows\Minidump 2015-11-24 10:37 - 2015-02-04 19:03 - 00000000 ____D C:\Users\Klaus\.mediathek3 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-03-14 18:27 - 2001-09-19 10:27 - 0502272 _____ () C:\Program Files (x86)\Cascade.exe 2011-10-09 10:48 - 1997-07-19 15:55 - 1347344 _____ (Microsoft Corporation) C:\Program Files (x86)\Msvbvm50.dll 2014-02-03 16:15 - 2003-03-21 12:45 - 0250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx 2014-02-03 20:45 - 2014-02-03 20:45 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe 2012-07-08 17:15 - 2012-07-10 18:30 - 0000048 _____ () C:\Users\Klaus\AppData\Roaming\AcroIEHelpe.txt 2012-07-08 17:15 - 2012-07-10 18:30 - 0000051 _____ () C:\Users\Klaus\AppData\Roaming\blckdom.res 2012-12-16 11:28 - 2012-12-16 11:28 - 0006144 _____ () C:\Users\Klaus\AppData\Roaming\com.apple.antiphishing.db 2013-09-28 16:26 - 2013-10-02 19:35 - 0000000 _____ () C:\Users\Klaus\AppData\Roaming\forms.def 2011-10-03 16:11 - 2011-10-03 16:32 - 0099384 _____ () C:\Users\Klaus\AppData\Roaming\inst.exe 2011-09-28 20:19 - 2011-09-28 20:19 - 0000098 _____ () C:\Users\Klaus\AppData\Roaming\MPUI.ini 2011-10-03 16:11 - 2011-10-03 16:32 - 0007859 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.cat 2011-10-03 16:11 - 2011-10-03 16:32 - 0001167 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.inf 2011-10-03 16:12 - 2011-10-03 16:32 - 0000055 _____ () C:\Users\Klaus\AppData\Roaming\pcouffin.log 2011-10-03 
16:11 - 2011-10-03 16:32 - 0082816 _____ (VSO Software) C:\Users\Klaus\AppData\Roaming\pcouffin.sys 2012-07-08 17:15 - 2012-07-08 17:15 - 0000264 _____ () C:\Users\Klaus\AppData\Roaming\srvblck5.tmp 2012-07-10 10:28 - 2012-07-10 10:28 - 0000011 _____ () C:\Users\Klaus\AppData\Roaming\urhtps.dat 2011-10-03 16:13 - 2011-10-03 16:32 - 0001057 _____ () C:\Users\Klaus\AppData\Roaming\vso_ts_preview.xml 2014-02-23 16:41 - 2014-09-09 08:05 - 0000091 _____ () C:\Users\Klaus\AppData\Roaming\WB.CFG 2013-01-09 09:04 - 2015-12-20 17:54 - 0078336 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-02-12 16:01 - 2014-02-12 16:01 - 0000173 _____ () C:\Users\Klaus\AppData\Local\msmathematics.qat.Klaus 2013-09-25 15:48 - 2013-09-25 15:48 - 0002088 _____ () C:\Users\Klaus\AppData\Local\recently-used.xbel 2013-09-03 16:24 - 2015-10-04 17:01 - 0007598 _____ () C:\Users\Klaus\AppData\Local\Resmon.ResmonCfg 2012-10-02 11:37 - 2012-10-05 14:46 - 0000041 ___SH () C:\ProgramData\.zreglib 2013-01-07 13:00 - 2013-01-07 13:00 - 0000057 _____ () C:\ProgramData\Ament.ini 2012-07-10 18:59 - 2012-07-10 18:59 - 0000051 _____ () C:\ProgramData\clsilllgbrakunr 2011-02-16 20:14 - 2011-02-16 20:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2012-10-01 20:34 - 2012-10-03 12:32 - 0001834 _____ () C:\ProgramData\flcd_proxy.log 2012-01-29 13:32 - 2012-01-29 13:32 - 0005081 _____ () C:\ProgramData\hnbdehzc.pfe 2011-10-07 16:54 - 2011-10-07 17:32 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Klaus\jobq.dat C:\Users\Klaus\netzlw.vbs C:\Users\Klaus\time1.bat C:\Users\Klaus\vbaconv.bat Einige Dateien in TEMP: ==================== C:\Users\Klaus\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-12-24 10:31

==================== Ende von FRST.txt ============================ |
24.12.2015, 14:04 | #25 |
| Cursor freezes for a short time
The addition.txt
FRST Additions Logfile: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Klaus (2015-12-24 13:54:39)
Gestartet von D:\Eigene Dateien\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-01-26 10:02:04)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3074472845-1740885614-3036682275-500 - Administrator - Disabled)
Gast (S-1-5-21-3074472845-1740885614-3036682275-501 - Limited - Disabled)
Klaus (S-1-5-21-3074472845-1740885614-3036682275-1001 - Administrator - Enabled) => C:\Users\Klaus

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AceHTML 5 Freeware (HKLM-x32\...\AceHTML 5 Freeware) (Version: - ) AceHTML Freeware (HKLM-x32\...\AceHTML Freeware) (Version: Build 11 - ) Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems) Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version: - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft) ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft) ATI Catalyst Install Manager (HKLM\...\{5BC83141-83DD-07BE-C940-04B385540F04}) (Version: 3.0.769.0 - ATI Technologies, Inc.) 
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden ccc-core-static (x32 Version: 2010.0920.2143.37117 - Ihr Firmenname) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC) Dropbox (HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) Excel Protection Remover (HKLM-x32\...\ST6UNST #1) (Version: - ) ExifPro 2.0 Photo Viewer (HKLM-x32\...\ExifPro 2.0) (Version: - ) Exif-Viewer 2.51 (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger) FamilySearch Indexing 3.9.9 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.9.9 - FamilySearch) Fences (HKLM-x32\...\Fences) (Version: - Stardock Corporation) Fences (Version: 1.0 - Stardock Corporation) Hidden Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Fotosizer 1.32 (HKLM-x32\...\Fotosizer) (Version: 1.32 - Fotosizer.com) Free DWG Viewer 7.2 (HKLM-x32\...\{90751489-B709-4D2F-8634-FEE00BFEC41A}) (Version: 7.2.0.69 - IGC) Frutti for Noobs 2 (HKLM-x32\...\Frutti for Noobs 2) (Version: - ) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) 
Hidden HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{0A8BEF69-0DD7-4A8F-9AED-0CB91BEBCB58}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard) HP Print View Software (HKLM\...\{1E95102E-27A4-416F-A9D1-308C9603F14A}) (Version: 3.0.0.0 - Hewlett-Packard) HP Print View Software (HKLM-x32\...\HP Marketing Resources) (Version: - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.) 
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180650}) (Version: 8.0.650.17 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
Media Gallery (Version: 1.4.0.11300 - Your Company Name) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Mathematics-Add-In (32 Bit) (HKLM-x32\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.041222.01 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Setup (Deutsch) (HKLM\...\{24BB9353-944E-46BC-BBA8-B8F83E8DBB51}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU CTP1 (HKLM\...\{CA62C93E-A637-4BEC-B90D-69ABFBEB402C}) (Version: 4.0.8854.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - )
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.002.03.27.40 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 de)) (Version: 43.0.2 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 11 InfoTool (HKLM-x32\...\{64BEF779-5053-48AF-A3D8-B70EBC1C70E7}) (Version: 11.0.00500 - Nero AG)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
NirSoft WirelessNetView (HKLM-x32\...\NirSoft WirelessNetView) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Opticon USB Drivers Installer (HKLM-x32\...\Opticon USB Installer) (Version: - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Paragon Easy CD-DVD Recorder Demo (HKLM-x32\...\{6D5F5816-08ED-4ED1-9063-8225A3A7E278}) (Version: - )
Photomizer 2 SE (HKLM-x32\...\{41B5224D-F3EC-4EF7-0001-6CD233878EF0}) (Version: 2.0.13.425 - Engelmann Media GmbH)
Pinnacle Instant DVD Recorder (HKLM-x32\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.6.1.127 - Pinnacle Systems)
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems)
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.10.06150 - Sony Corporation) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.7.0 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.7.0 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation)
SDL BinScope (HKLM-x32\...\{B137EB8C-FA6C-4DA7-95F0-A9B6FFE67A64}) (Version: 1.0.1 - Microsoft Corporation)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.0.2102.0 - Seagate)
Seagate Manager Installer (HKLM-x32\...\InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}) (Version: 2.01.0109 - Seagate)
Seagate Manager Installer (x32 Version: 2.01.0109 - Seagate) Hidden
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Secunia PSI (2.0.0.3001) (HKLM-x32\...\Secunia PSI) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
soft Xpansion Perfect PDF 6 Office (HKLM-x32\...\{A6D309F9-38AB-4cc3-8DA7-0544F5011788}) (Version: 6.4.1 - soft Xpansion)
soft Xpansion Perfect Print 7 Express (HKLM-x32\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
VAIO - Media Gallery (HKLM-x32\...\{D9670A80-DED7-44FE-9B8C-94CEA3F7E035}) (Version: 1.4.1.12150 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}) (Version: 1.6.10.11160 - Sony Corporation)
VAIO Care (HKLM\...\{6EEC3E9C-3479-42EB-B93C-E7DF7927DD82}) (Version: 8.4.4.09181 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.4.00.05300 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.5.00.05300 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3074472845-1740885614-3036682275-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

13-12-2015 11:33:29 Windows Update
13-12-2015 17:09:35 Installed Nero 11 InfoTool.
16-12-2015 18:31:35 Windows Update
20-12-2015 14:58:27 Windows Update
24-12-2015 02:24:35 Windows Update
24-12-2015 11:56:26 Removed Bonjour

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {039A07D1-A2B9-45C0-BD19-49690FD83DE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {07D4AA24-D497-4001-910D-41CFECF18CD6} - System32\Tasks\{C7ED5386-D57A-4EE9-B196-C5A7CDB5814E} => pcalua.exe -a C:\PROGRA~2\Nokia\NOKIAP~1\CONNEC~1.CPL -c Nokia Connection Manager
Task: {0885AE72-75F9-43DF-BDBD-589259EB1DF0} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {0B34DC19-1384-4702-B339-50AA74B9BB75} - System32\Tasks\Klaus1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-04-01] (Seagate Technology LLC)
Task: {0BAD74C5-C8BE-463A-B9D2-435751671C6E} - System32\Tasks\{F0337A20-BC9C-45B4-8747-866EE7685E14} => pcalua.exe -a "C:\Program Files (x86)\Mobile Partner\uninst.exe"
Task: {12574A46-5BB3-4B18-832E-A0F2914603B0} - System32\Tasks\Klaus1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2015-04-01] (Seagate Technology LLC)
Task: {15C2BA37-1546-45E1-A823-DCB117AFB4AE} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {1616CAB9-29A8-4DD0-8D5A-BB886FCB1CB9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {19417406-1995-4E80-916B-A8F1CAB989F6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3074472845-1740885614-3036682275-1001
Task: {26B7FB74-A020-4964-946D-96FC4545A1F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {3A353DDC-0642-49E8-AEEE-76F3C6D2451C} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {3E9838B7-A150-45E9-BFBF-394BB4282449} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {3FDD9109-DAB0-4863-8B5A-E285CABF7B6B} - System32\Tasks\{12F6BB85-6848-4135-9E2F-51D078C4D088} => pcalua.exe -a C:\Windows\SysWOW64\BDEADMIN.CPL -c BDE-Verwaltung
Task: {491AD1C2-C187-4DEA-8D30-004774FF75F9} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {49B89204-1C6D-46B1-91EA-9BEE8E0EBC30} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {4AC60758-327A-4E9D-9092-61BDEED842EF} - System32\Tasks\{8586105B-1F7A-406A-9FC7-51BC3A1D794B} => pcalua.exe -a "D:\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\PROJECTS\TOOLS\LEOPARD\innounp.exe" -d "d:\Eigene Dateien\Downloads\multiPE" -c -x -b -q -d"D:\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\Temp\SystemInformationForWindows\extract" "D:\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\Temp\SystemInformationForWindows\download.exe"
Task: {4AF890C7-19B9-4EEB-A11B-73FEF45AF1A3} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {5D0A4BE5-9970-4259-BF30-FB8AB223416D} - System32\Tasks\{ABC60670-A460-465C-9B97-212DCFD5465C} => pcalua.exe -a "D:\Eigene Dateien\Downloads\QuickTimeInstaller.exe" -d "d:\Eigene Dateien\Downloads\"
Task: {614740B0-4ADB-4F65-AD1D-E2D435C9AF28} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {6720139A-BAC1-45A6-A4ED-306CFCC522CF} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-04-01] (Seagate Technology LLC)
Task: {67343D87-E736-44B9-A13A-E2B8C5350BD7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {675619FA-94CC-4069-A717-2569CD32E816} - System32\Tasks\LL => C:\Users\Klaus\AppData\Roaming\LL.exe <==== ACHTUNG
Task: {6E8871DA-C9F1-4696-A91D-54EC99FEEFDA} - System32\Tasks\CWSLOE => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG
Task: {6EC63CDF-8431-4DA2-8945-7C600164F5EB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {75E39019-C4CC-4EB0-B5E2-0FDE37CA2F4D} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {771ED35C-0486-4613-8B96-3B79FA03779F} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2015-02-04] (Sony Corporation)
Task: {78DF4BAC-B69A-472F-926A-177FE4507BFD} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {93FD7C56-B4C3-4E77-9CD2-0DCEE3629803} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {94602960-5314-426D-9A89-B2963F96F345} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {94A0C089-0A35-4F05-96B2-62D98BDC59F9} - System32\Tasks\{2B9CF77D-AE9E-4A00-A040-58557720103A} => pcalua.exe -a C:\Users\Klaus\AppData\Local\Temp\GLF80C7\Setup.exe -d C:\Users\Klaus\AppData\Local\Temp\GLF80C7 -c -s -SMS
Task: {9D53AEA0-E725-43C1-8B69-36D0034B4A89} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {A8673728-8118-4654-BC05-5D78A891AD2A} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {AE31F376-8A3F-4597-AD1C-D5CE26B921B2} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {B20290E4-BD2A-4088-8CEF-E5E63E27F239} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {B309C4C3-8093-4497-9284-8C1A3B540ABC} - System32\Tasks\{870005DC-CA58-4ED9-8C15-6EB0D6F041E8} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{10C51313-A308-4B40-90E3-B368D5882660}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {B7186D47-A3B8-4529-ADEF-4C58B845085D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {CAC5CBED-7DE9-42CF-B7BE-6F8062BF5215} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {CE244184-0F4F-45B0-8016-87D86531DFE2} - System32\Tasks\{62E86545-595A-4543-B0E6-AD03A0F82400} => pcalua.exe -a "C:\Users\Klaus\AppData\Local\Apple\Apple Software Update\QuickTimeInstallerAdmin.exe" -d "C:\Users\Klaus\AppData\Local\Apple\Apple Software Update"
Task: {D04F9636-7D65-4AAB-AD44-356BCF1430DE} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {D371F01D-6C21-4BDF-A5A1-9C78CD3DEBB9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {DB8BCBD7-53AB-47C2-841D-BB3D4CE92F7A} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {DD529932-CF27-4DE8-8F28-F548B9E95C17} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: {E8FCCBDC-E2DE-4D03-A5B6-B262C79F28A2} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-08-20] (Sony Corporation)
Task: {EC9B56C2-5659-45AE-912D-41969BB0862C} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {EF56181C-410E-43AD-A983-1C06051088E9} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2015-07-23] (Sony Corporation)
Task: {EF8310CF-C95B-4A94-8A0B-834EFD4060F5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-03] (Dropbox, Inc.)
Task: {F793F220-60A2-4590-9FD5-8A57D15053A5} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {FE0201AA-499D-4258-AA2B-C7BF9F630F43} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-12-03] (Dropbox, Inc.)
Task: {FE2E05E6-0505-42EA-9F11-F33C0096AC0A} - System32\Tasks\Klaus DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-04-01] (Seagate Technology LLC)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CWSLOE.job => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001Core.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3074472845-1740885614-3036682275-1001UA.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-08-24 14:39 - 2010-08-24 14:39 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-02-23 19:34 - 2011-02-23 19:34 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-06-01 18:28 - 2015-06-01 18:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-09-18 08:53 - 2015-09-18 08:53 - 00245912 _____ () C:\Program Files\Sony\VAIO Care\analyzer.dll
2010-07-29 12:19 - 2010-05-31 18:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-07-29 12:19 - 2010-05-31 18:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2013-05-26 23:50 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2015-12-12 08:58 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-12 08:57 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 08:58 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 08:57 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-12 08:57 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-12 08:57 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 08:57 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 08:58 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-12 08:58 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 08:58 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 08:58 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 08:58 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 08:58 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-12 08:57 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-12 08:58 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 08:58 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-12 08:57 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-12 08:58 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-12 08:57 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 08:57 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-12 08:58 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-12 08:57 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-12-12 08:57 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-12-12 08:57 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-12 08:57 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-12-12 08:57 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-10-15 14:58 - 2014-10-15 14:58 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\31e3a51afdf7182846a26895b07d3416\IsdiInterop.ni.dll
2010-07-12 22:29 -
2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-12-18 08:07 - 2015-12-18 08:07 - 01114648 _____ () C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll 2015-05-29 11:36 - 2015-05-29 11:36 - 00008704 _____ () C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\suks3qeb.default-1422426005898\extensions\mintrayr@tn123.ath.cx\lib\tray_x86-msvc.dll 2015-12-09 14:59 - 2015-12-09 14:59 - 17647296 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Windows:C87E9264B810F2F2 AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\ProgramData\TEMP:6B0023F8 AlternateDataStreams: C:\ProgramData\TEMP:8F6FBE7F ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-3074472845-1740885614-3036682275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: SearchAnonymizer => 2 MSCONFIG\Services: SrvUpdater => 2 MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{96D7ED9C-396D-4694-8F87-6539D9691DD4}] => (Allow) svchost.exe FirewallRules: [{1E71CD3C-2050-415F-B5CA-74C2F0623E33}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{3D7BF2D0-63A5-426C-9ED1-71AE1044DF9A}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [TCP Query User{BF0A325E-E4B1-4325-B6C9-B63D6FF9BD20}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{1CEE091F-0570-4767-A6C2-8C83B04957D3}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{3543A0D8-49D8-4D61-A6F4-E5EC4E908C96}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{CA87C826-4839-4C8D-B125-22176CFAE7F7}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{A4904A6B-FB4E-4AA8-B8A1-240E1E15C221}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{24A5CC1F-1D18-4AE3-ADC0-25ECA87510C8}C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe FirewallRules: [{2A652DD3-9569-4621-BB0A-97AAA8CC4687}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\FaxApplications.exe FirewallRules: [{FBBBC668-5535-47AA-9E67-5510FA4D07D3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\DigitalWizards.exe FirewallRules: [{CFFCDC5B-B399-4024-8713-07B824F1893A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\SendAFax.exe FirewallRules: 
[{016927C7-1648-4969-9FDA-482F18C927AA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe FirewallRules: [{9D061F69-0602-471C-A0B9-AE30DBC49EE0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe FirewallRules: [{8B8381C7-C8F7-480F-BDBD-ED75D19B5200}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{9936BC3B-5870-487B-B3C2-4222524E6980}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{151D7654-4584-4E37-A6DB-BFF7C986826F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [TCP Query User{1000CD98-4666-456F-8959-59FF989FB354}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{EE87E345-DB27-4DAA-A12C-1480BFE26AF0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{5544699B-8D06-41D6-A99C-F187B74163E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{6FEFC0FC-9E90-476F-94C1-D5EB03C76798}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [UDP Query User{8A72C6B0-CFB4-4220-820C-C5F33BB955B7}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [{55D26F48-0ADF-4517-9556-FCEB79CE33BE}] => (Allow) LPort=8888 FirewallRules: [TCP Query User{52EC8465-7E7F-4359-B351-B255C67DAF8F}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [UDP Query User{DF8C7E65-D056-4B2B-ABFA-51034955DA55}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Block) C:\program 
files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [TCP Query User{64731D5B-735F-4D6C-B9A1-36D7C4661428}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{5735261D-7661-4966-B685-DF2FC439215C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{60D5B047-B633-4183-89BF-ACE03ACCE89E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8B5B057C-3CE7-4D8F-B905-CEB53AD9968F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6AEC4D38-7111-43C2-B0B1-0B80580E1C3F}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{D419FE31-AF09-4E51-B967-8B099E31466F}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{BD2A36F2-CB46-4A9C-9316-FFBDE963E1CD}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{712C158E-9B77-4BFF-A47B-E22359DCABD0}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{C88A3359-EECC-4742-9C85-50156A28B1BB}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\DNSQuerySniffer.exe FirewallRules: [{640EF910-C2CF-452F-AFEF-17B73F35847F}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\DNSQuerySniffer.exe FirewallRules: [TCP Query User{765A819E-5F66-48C4-B2FA-7EB028B04085}C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe FirewallRules: [UDP Query User{CA30D60D-5EA0-4443-949E-916698570FF9}C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\netbscanner.exe FirewallRules: [TCP Query 
User{D204BE1F-4813-4E9E-B879-A3965ACE3207}C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe FirewallRules: [UDP Query User{BD1C34E8-0FB6-40A9-A201-665D764E5928}C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe] => (Allow) C:\users\klaus\appdata\roaming\nirsoft utilities\networkconnectlog.exe FirewallRules: [{05076517-5D3A-430A-AFAD-FC04AABC22AD}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\HTTPNetworkSniffer.exe FirewallRules: [{D7C5C439-F863-4C31-9FA9-A3B0C5885ADC}] => (Allow) C:\Users\Klaus\AppData\Roaming\NirSoft Utilities\HTTPNetworkSniffer.exe FirewallRules: [{58CF50B0-AE11-4611-A044-06B84A345F50}] => (Allow) LPort=8888 FirewallRules: [{F2415DCE-2081-40EE-86D2-250D05FBF005}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{ADF13BC7-65D5-4C79-82C7-7A65E4772B03}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe FirewallRules: [{27027F1E-9964-48D6-801A-616FEE13DF3F}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe FirewallRules: [{A12DC2D5-1928-4EC0-9D5C-F320A51AEA31}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe FirewallRules: [{FAF0C2B2-4525-490A-9484-6F38EAA82019}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{269BD79F-F0CB-49D5-A1E1-0D4A20B86D15}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C5417D7B-FB87-4176-8A04-64CC43BBB41B}] => (Allow) LPort=2869 FirewallRules: [{E51322BB-8956-495D-A3EB-0DE7A056FF25}] => (Allow) LPort=1900 FirewallRules: [{3E905ED1-4505-4159-9938-114B4C9CBEF9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{02194C6D-AD1B-4F6A-BBB5-CB801CF09BF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F9CEC52A-34EF-4C24-AB9B-2D0C4753191A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Fehlerhafte 
Geräte im Gerätemanager ============= Name: Officejet Pro 8500 A910 Description: Officejet Pro 8500 A910 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart 6510 series Description: Photosmart 6510 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet Pro 8500 A910 Description: Officejet Pro 8500 A910 Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/24/2015 10:59:03 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (12/24/2015 10:59:03 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (12/24/2015 07:58:02 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (12/24/2015 07:58:01 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (12/24/2015 07:52:22 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (12/24/2015 07:13:35 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (12/24/2015 07:11:11 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (12/23/2015 02:06:30 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (12/23/2015 02:06:09 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (12/23/2015 01:55:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Systemfehler: ============= Error: (12/24/2015 01:36:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: TTNFD Error: (12/24/2015 11:06:52 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (12/24/2015 08:19:24 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: TTNFD Error: (12/24/2015 08:16:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Webbereitstellungs-Agent-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (12/24/2015 08:16:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Webbereitstellungs-Agent-Dienst erreicht. Error: (12/24/2015 06:25:04 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (12/24/2015 12:06:43 AM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Unerwarteter Fehler. Fehlercode: 490@01010004 Error: (12/24/2015 12:06:43 AM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Unerwarteter Fehler. Fehlercode: 490@01010004 Error: (12/23/2015 10:52:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Seagate Dashboard Services" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/23/2015 09:55:42 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 CodeIntegrity: =================================== Date: 2015-07-28 09:13:03.826 Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. 
Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 09:13:03.733 Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 09:13:03.249 Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2015-07-28 09:13:03.171 Description: Die Integrität der Datei "\Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist. Date: 2012-12-12 19:55:04.627 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2012-12-12 19:54:50.837 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-12 19:54:29.793 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\TARGET\Leopard\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-12 19:54:29.262 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Eigene Dateien\Downloads\multiPE\Tools\pcwMultiPE.project\TARGET\Leopard\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-12 19:38:35.537 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\WinBioPlugIns\winbiosensoradapter.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2012-12-12 19:38:26.224 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\EIGENE~1\DOWNLO~1\multiPE\Tools\PCWMUL~1.PRO\TARGET\Leopard\Windows\System32\fveapibase.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 3950.1 MB
Verfügbarer physikalischer RAM: 1615.26 MB
Summe virtueller Speicher: 7898.4 MB
Verfügbarer virtueller Speicher: 4786.15 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:228.21 GB) (Free:32.25 GB) NTFS
Drive d: (Daten) (Fixed) (Total:224.11 GB) (Free:32.48 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AA1C306D)
Partition 1: (Not Active) - (Size=13.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=228.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=224.1 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
Point 4 of your question: it looks much better than before. No difficulties at the moment! However, during this whole operation I noticed that there are many "program corpses" or remnants of them. I will "shoot those down" by hand. Best regards, Klaus |
24.12.2015, 14:10 | #26 |
/// Malwareteam | Cursor freezes briefly Hi, that looks very good. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
Task: {675619FA-94CC-4069-A717-2569CD32E816} - System32\Tasks\LL => C:\Users\Klaus\AppData\Roaming\LL.exe <==== ACHTUNG
C:\Users\Klaus\AppData\Roaming\LL.exe
Task: {6E8871DA-C9F1-4696-A91D-54EC99FEEFDA} - System32\Tasks\CWSLOE => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG
Task: C:\Windows\Tasks\CWSLOE.job => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG
C:\Users\Klaus\AppData\Roaming\CWSLOE.exe
EmptyTemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Then we would be done here. Your logs are clean. If you do not change your passwords regularly, now is the time to do it!
Step # 1: Removing our tools
The order is crucial here.
Finally, a few tips from me:
Step # 2: Recommended software
Always have an up-to-date antivirus program of your choice installed and enable automatic updates (switched on by default). I recommend:
Where possible, do not use Internet Explorer, as it contains many security vulnerabilities. However, make sure that it always stays up to date, because many programs use it to display websites. Alternatively you can use: The following add-ons are recommended for it: uBlock Origin (Chrome) --> Blocks ads. Ads can be very annoying, but can also point to malicious links. uBlock is more efficient than its competitor AdblockPlus. Ghostery --> Blocks trackers and cookies that can follow you around the internet. During installation, however, make sure that you do not agree to Ghostrank. You can also use Malwarebytes Anti-Exploit to plug current security holes. Always keep your plug-ins and software up to date, above all:
PluginCheck Filehippo App Manager
Step # 3: Tips for avoiding a reinfection
Where possible, always download directly from the vendor's site or, alternatively, from a clean download portal such as FilePony.de. We advise against downloaders such as those from Chip, Softonic and Sourceforge: CHIP-Installer - what is that? - Guides. More and more programs also try to "sneak" onto the PC through installation routines. This works quite well because many users do not read these carefully and click through quickly. Sometimes the licence agreement also states that a program which is actually advertised as freeware can only be used if you allow certain toolbars or other programs to be installed along with it. The only thing that helps is to be attentive. A tool that can support you well with this is: Unchecky. It monitors installation processes in the background and automatically unticks annoying adware components such as toolbars. If you overlook something, a pop-up still warns you before you can continue. We advise against any optimizers, cleaners, speed-ups and the like, as these software products mostly bring no performance gain. You can, however, regularly treat your PC with the built-in Windows Disk Cleanup. Check your PC regularly (at least once a month) with Malwarebytes Anti-Malware and ESET. If you are unsure whether a download is really clean, you can always consult https://www.virustotal.com/.
Step # 4: Support us!
If you would like to support us with a small donation, you can do so here: http://www.trojaner-board.de/79994-s...ndenkonto.html A simple here is also enough, if you were satisfied with us. our Facebook page! Please let me know when you have read all of this and everything is clear, so that I can remove this thread from my subscriptions. |
24.12.2015, 14:51 | #27 |
| Cursor freezes for a short time Hi Dennis, I have read your instructions thoroughly and deleted everything. Only the post is still missing, and here it comes. Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Klaus (2015-12-24 14:34:41) Run:2
Gestartet von D:\Eigene Dateien\Downloads
Geladene Profile: Klaus (Verfügbare Profile: Klaus & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {675619FA-94CC-4069-A717-2569CD32E816} - System32\Tasks\LL => C:\Users\Klaus\AppData\Roaming\LL.exe <==== ACHTUNG
C:\Users\Klaus\AppData\Roaming\LL.exe
Task: {6E8871DA-C9F1-4696-A91D-54EC99FEEFDA} - System32\Tasks\CWSLOE => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG
Task: C:\Windows\Tasks\CWSLOE.job => C:\Users\Klaus\AppData\Roaming\CWSLOE.exe <==== ACHTUNG
C:\Users\Klaus\AppData\Roaming\CWSLOE.exe
EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{675619FA-94CC-4069-A717-2569CD32E816}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{675619FA-94CC-4069-A717-2569CD32E816}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\LL => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LL" => Schlüssel erfolgreich entfernt
"C:\Users\Klaus\AppData\Roaming\LL.exe" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6E8871DA-C9F1-4696-A91D-54EC99FEEFDA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E8871DA-C9F1-4696-A91D-54EC99FEEFDA}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\CWSLOE => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CWSLOE" => Schlüssel erfolgreich entfernt
C:\Windows\Tasks\CWSLOE.job => erfolgreich verschoben
"C:\Users\Klaus\AppData\Roaming\CWSLOE.exe" => nicht gefunden.
EmptyTemp: => 12.2 MB temporäre Dateien entfernt.

Das System musste neu gestartet werden.

==== Ende von Fixlog 14:34:47 ====

Best regards Klaus |
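As an added illustration, not part of the posts above and not FRST's own code: a small Python parser that reads the Fixlog lines posted above and reports, for each scheduled task named in the fixlist, whether its registry and file artefacts were removed and whether the executable it pointed to still existed. The function names and labels such as `key_removed` are assumptions made for this example; the sample lines are copied from the log above.

```python
import re
# Lines copied from the fixlist and Fixlog posted in the thread (LL entry only).
SAMPLE = r'''
Task: {675619FA-94CC-4069-A717-2569CD32E816} - System32\Tasks\LL => C:\Users\Klaus\AppData\Roaming\LL.exe <==== ACHTUNG
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{675619FA-94CC-4069-A717-2569CD32E816}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\LL => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LL" => Schlüssel erfolgreich entfernt
"C:\Users\Klaus\AppData\Roaming\LL.exe" => nicht gefunden.
EmptyTemp: => 12.2 MB temporäre Dateien entfernt.
'''
# Status phrases as they appear in this log; other wording -> "unrecognised".
STATUS = (("Schlüssel erfolgreich entfernt", "key_removed"),
          ("erfolgreich verschoben", "moved"),
          ("nicht gefunden", "not_found"))
TASK = re.compile(r'^Task: (?P<id>\{[0-9A-Fa-f-]+\}) - (?P<task>\S.*?) => '
                  r'(?P<exe>.+?)(?: <==== \w+)?$')
RESULT = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<result>.+)$')

def classify(result):
    for phrase, label in STATUS:
        if phrase in result:
            return label
    return "unrecognised"

def parse_fixlog(text):
    """Split the log into fixlist Task entries and per-target results."""
    tasks, results = [], {}
    for line in (raw.strip() for raw in text.splitlines()):
        m = TASK.match(line)
        if m:
            tasks.append(m.groupdict())
            continue
        m = None if line.startswith("Task:") else RESULT.match(line)
        if m:
            results[m.group("target").lower()] = classify(m.group("result"))
    return tasks, results

def summarise(text):
    """Per task: were its artefacts removed, and did its executable still exist?"""
    tasks, results = parse_fixlog(text)
    report = []
    for t in tasks:
        name = "\\" + t["task"].rsplit("\\", 1)[-1].lower()
        hits = [s for k, s in results.items()
                if t["id"].lower() in k or k.endswith(name)]
        ok = bool(hits) and all(s in ("key_removed", "moved") for s in hits)
        report.append({"task": t["task"], "exe": t["exe"], "task_removed": ok,
                       "exe_status": results.get(t["exe"].lower(), "no_result")})
    return report
```

A `task_removed` of `True` together with an `exe_status` of `not_found` describes an orphaned scheduled task: the launch entry was still registered, but the file it pointed to was no longer on disk when the fix ran.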
24.12.2015, 14:54 | #28 |
/// Malwareteam | Cursor freezes for a short time Have fun, and merry Christmas once again! |