| |
| |||||||
Log-Analyse und Auswertung: Mausprobleme, Rechner fährt nicht richtig runter, Malewarebytes ist fündig gewordenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.03.2016, 22:20
| #11 |
 |  Mausprobleme, Rechner fährt nicht richtig runter, Malewarebytes ist fündig geworden Bei AdwCleaner gab es beim ersten Mal eine Fehlermeldung: Line 8198 Error: Error parsing function call Dann war er verschwunden und es gab auch keinen Neustart. Hab ihn daraufhin nochmal gestartet und er meinte, er könne nichts finden. Neustart hat er nicht gemacht. Daraufhin hab ich ihn neugestartet. Alles weitere ohne besondere Vorkommnisse. Hier die Logs: Code:
ATTFilter # AdwCleaner v5.037 - Bericht erstellt am 02/03/2016 um 20:32:11
# Aktualisiert am 28/02/2016 von Xplode
# Datenbank : 2016-03-02.1 [Server]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : ***** - *****-PC
# Gestartet von : C:\Users\*****\Downloads\AdwCleaner_5.037.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
Ordner Gefunden : C:\Program Files\Free FLV Converter
Ordner Gefunden : C:\Program Files\Free Video Converter
Ordner Gefunden : C:\ProgramData\SecTaskMan
Ordner Gefunden : C:\ProgramData\VideoConverter
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free FLV Converter
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
Ordner Gefunden : C:\Users\*****\AppData\Local\Video Converter
Ordner Gefunden : C:\Users\*****\Documents\Video Converter
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DC97D932-ED6C-4AD3-A0D6-AA03C4C76A97}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Free Video Converter
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Free FLV Converter_is1
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Free Video Converter
Schlüssel Gefunden : HKU\S-1-5-21-1492898777-1315905052-4281177461-1004\Software\AVG Secure Search
Schlüssel Gefunden : HKU\S-1-5-21-1492898777-1315905052-4281177461-1004\Software\AppDataLow\Software\Dealio
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\CC94835868BCA58489B0D79DE655BCB1
Wert Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{828C144B-0F30-455E-9FC5-0FAC6CD0DADA}]
Wert Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{496D040B-63FE-4C37-9476-7D04D426FF84}]
***** [ Internetbrowser ] *****
*************************
C:\AdwCleaner\AdwCleaner[R0].txt - [4007 Bytes] - [04/05/2014 13:21:35]
C:\AdwCleaner\AdwCleaner[R1].txt - [4728 Bytes] - [30/11/2014 12:38:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [4068 Bytes] - [04/05/2014 13:24:19]
C:\AdwCleaner\AdwCleaner[S1].txt - [4187 Bytes] - [02/03/2016 20:32:11]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4260 Bytes] ##########
Code:
ATTFilter # AdwCleaner v5.037 - Bericht erstellt am 02/03/2016 um 20:50:33
# Aktualisiert am 28/02/2016 von Xplode
# Datenbank : 2016-02-28.2 [Lokal]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : ***** - *****-PC
# Gestartet von : C:\Users\*****\Desktop\Desktop\AdwCleaner_5.037(1).exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [4290 Bytes] - [02/03/2016 20:37:13]
C:\AdwCleaner\AdwCleaner[R0].txt - [4007 Bytes] - [04/05/2014 13:21:35]
C:\AdwCleaner\AdwCleaner[R1].txt - [4728 Bytes] - [30/11/2014 12:38:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [4068 Bytes] - [04/05/2014 13:24:19]
C:\AdwCleaner\AdwCleaner[S1].txt - [4339 Bytes] - [02/03/2016 20:32:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [1060 Bytes] - [02/03/2016 20:50:33]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1133 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows Vista (TM) Home Premium x86
Ran by ***** (Administrator) on 02.03.2016 at 21:06:37,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 18
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2P00781S (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4J7EFL0G (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72MF7G32 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DKT1WKD1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0DSACJ0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MLA8823Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UIBS5WIX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WVY87HC7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHIOBNKE (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2P00781S (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4J7EFL0G (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\72MF7G32 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DKT1WKD1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I0DSACJ0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MLA8823Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UIBS5WIX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WVY87HC7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHIOBNKE (Temporary Internet Files Folder)
Registry: 1
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.03.2016 at 21:09:40,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-02-2016 01
durchgeführt von ***** (Administrator) auf *****-PC (02-03-2016 21:25:00)
Gestartet von C:\Users\*****\Desktop\Desktop
Geladene Profile: ***** & postgres (Verfügbare Profile: ***** & autor & postgres)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
() C:\Users\*****\AppData\Local\temp\Rar$EX63.960\Core Temp.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Antibody Software) C:\Program Files\WizMouse\WizMouse.exe
(Comfort Software Group) C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\Run: [ISUSPM Startup] => c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\Run: [WizMouse] => C:\Program Files\WizMouse\WizMouse.exe [723248 2010-05-23] (Antibody Software)
HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\Run: [FreeAC] => C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)
HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Keine Datei [ ]
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll Keine Datei
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-19]
ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-07-27] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{29B00F74-80F5-4076-AFBC-25AB171BA972}: [DhcpNameServer] 139.7.30.125 139.7.30.126
Tcpip\..\Interfaces\{AE6BF88A-4AAD-4EF8-8A12-B89768B61052}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D1C22D29-0853-44E9-BBED-7C83E2706FB5}: [DhcpNameServer] 139.7.30.125 139.7.30.126
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-19] (Oracle Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-02-28] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-19] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-02-28] (AO Kaspersky Lab)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\c5iuc1qu.default-1427055446091
FF DefaultSearchEngine: Bing
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2009-11-14] (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1492898777-1315905052-4281177461-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1492898777-1315905052-4281177461-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-26] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-06-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-07-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-07-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-07-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-07-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-07-27] (Apple Inc.)
FF Extension: Mein Grundeinkommen - CrowdBar - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\c5iuc1qu.default-1427055446091\Extensions\jid1-XGbYhwCViPEOUQ@jetpack.xpi [2015-11-03]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-02-12] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-02-12] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon [2009-12-17] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-01]
FF HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\zxapfs10.default\extensions\cliqz@cliqz.com => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browserschutz) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-27]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-02-28] (Kaspersky Lab ZAO)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2009-04-07] (Teruten) [Datei ist nicht signiert]
S2 gupdate1c9de4d978f7944; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 pgsql-8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [65536 2008-09-19] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Datei ist nicht signiert]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [Datei ist nicht signiert]
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-21] (Microsoft Corporation)
R0 ahcix86s; C:\Windows\System32\DRIVERS\ahcix86s.sys [183312 2008-10-03] (Advanced Micro Devices, Inc)
R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [10632 2007-10-12] (Advanced Micro Devices)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [33112 2013-02-18] (AVG Technologies)
U0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [22528 2008-10-09] (Bytemobile, Inc.) [Datei ist nicht signiert]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-21] (Microsoft Corporation)
S3 DVC; C:\Windows\System32\Drivers\DVC.sys [38401 2001-09-09] (Samsung Electronics) [Datei ist nicht signiert]
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-04-07] () [Datei ist nicht signiert]
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [Datei ist nicht signiert]
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [102912 2009-06-29] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [58224 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [66976 2016-03-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [147328 2016-02-28] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44728 2016-02-28] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [776088 2016-03-01] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [33976 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [37048 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [38072 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [39304 2016-02-28] (AO Kaspersky Lab)
R1 kltdf; C:\Windows\System32\DRIVERS\kltdf.sys [73912 2015-06-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [Datei ist nicht signiert]
R1 tcpipBM; C:\Windows\system32\Drivers\tcpipBM.sys [18816 2008-10-09] (Bytemobile, Inc.) [Datei ist nicht signiert]
R3 ALSysIO; \??\C:\Users\*****\AppData\Local\Temp\ALSysIO.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\*****\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-02 21:09 - 2016-03-02 21:09 - 00003643 _____ C:\Users\*****\Desktop\JRT.txt
2016-03-02 20:30 - 2016-03-02 20:30 - 01518592 _____ C:\Users\*****\Downloads\AdwCleaner_5.037.exe
2016-03-01 10:37 - 2016-03-01 10:37 - 01722368 _____ (Farbar) C:\Users\*****\Downloads\FRST(1).exe
2016-03-01 00:40 - 2016-03-01 00:40 - 00001243 _____ C:\Users\*****\AppData\Local\recently-used.xbel
2016-02-28 16:22 - 2016-02-28 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-02-28 16:22 - 2016-02-28 16:21 - 00001981 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-02-28 16:05 - 2016-03-02 21:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-02-28 16:05 - 2016-02-28 16:05 - 00000000 ____D C:\Program Files\Kaspersky Lab
2016-02-28 16:03 - 2016-03-01 14:11 - 00776088 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-02-28 16:03 - 2016-02-28 17:08 - 00147328 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-02-28 10:38 - 2016-02-28 10:52 - 173986008 _____ (Kaspersky Lab) C:\Users\*****\Downloads\kis16.0.0.614de-de.exe
2016-02-27 13:19 - 2016-02-27 13:19 - 00143760 _____ C:\Windows\Minidump\Mini022716-01.dmp
2016-02-24 18:16 - 2016-02-24 18:17 - 28145646 _____ C:\Users\*****\Documents\Edit #14(1).mp4
2016-02-24 11:20 - 2016-03-01 10:46 - 00059112 _____ C:\Users\*****\Downloads\Addition.txt
2016-02-24 11:19 - 2016-03-01 10:46 - 00037616 _____ C:\Users\*****\Downloads\FRST.txt
2016-02-22 17:57 - 2016-02-22 17:57 - 00000000 ___HD C:\ProgramData\CanonIJScan
2016-02-22 17:57 - 2016-02-22 17:57 - 00000000 ____D C:\Users\*****\AppData\Roaming\Canon
2016-02-22 17:21 - 2016-02-22 17:21 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2016-02-22 17:21 - 2016-02-22 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2016-02-22 17:17 - 2010-12-17 14:47 - 00438272 _____ (CANON INC.) C:\Windows\system32\CNQ4809L.dll
2016-02-22 17:17 - 2010-03-19 13:55 - 00393256 _____ C:\Windows\system32\CNQ4809N.DAT
2016-02-22 17:17 - 2010-03-18 17:12 - 01335296 _____ (CANON INC.) C:\Windows\system32\CNQ4809C.dll
2016-02-22 17:17 - 2010-03-18 17:12 - 00114688 _____ (CANON INC.) C:\Windows\system32\CNQ4809I.dll
2016-02-22 17:17 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNQ4809U.dll
2016-02-22 17:17 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\system32\CNHMCA.dll
2016-02-19 10:01 - 2016-02-19 10:01 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-19 01:15 - 2016-02-19 01:15 - 00143760 _____ C:\Windows\Minidump\Mini021916-01.dmp
2016-02-18 00:02 - 2016-02-18 00:02 - 00143760 _____ C:\Windows\Minidump\Mini021816-01.dmp
2016-02-12 10:35 - 2016-02-13 11:50 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-11 19:34 - 2016-01-30 04:09 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-11 19:34 - 2016-01-30 04:09 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2016-02-11 19:34 - 2016-01-30 04:09 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-02-11 19:34 - 2016-01-30 04:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-02-11 19:34 - 2016-01-30 04:09 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-02-11 19:34 - 2016-01-30 04:09 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2016-02-11 19:34 - 2016-01-30 04:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-11 19:34 - 2016-01-30 04:08 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-02-11 19:34 - 2016-01-30 04:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-11 19:34 - 2016-01-30 04:08 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-02-11 19:34 - 2016-01-30 04:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-02-11 19:34 - 2016-01-30 04:08 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-02-11 19:34 - 2016-01-30 04:08 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2016-02-11 19:34 - 2016-01-30 04:08 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2016-02-11 19:34 - 2016-01-30 02:32 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\iashost.exe
2016-02-11 19:33 - 2016-02-01 18:21 - 01208776 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-11 19:33 - 2016-01-30 04:15 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-11 19:33 - 2016-01-30 04:15 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-11 19:33 - 2016-01-30 04:09 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-11 19:33 - 2016-01-30 04:09 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-11 19:33 - 2016-01-30 04:08 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-11 19:33 - 2016-01-30 04:07 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-11 19:33 - 2016-01-30 04:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-11 19:33 - 2016-01-30 02:24 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-11 19:30 - 2016-01-07 16:21 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-11 19:03 - 2016-01-07 16:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-11 18:56 - 2016-01-09 18:06 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 14:02 - 2016-01-25 05:59 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 14:02 - 2016-01-25 05:57 - 12391424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 14:02 - 2016-01-25 05:55 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 14:02 - 2016-01-25 05:54 - 09753600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 14:02 - 2016-01-25 05:54 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 14:02 - 2016-01-25 05:53 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 14:02 - 2016-01-25 05:52 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 14:02 - 2016-01-25 05:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 14:02 - 2016-01-25 05:52 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 14:02 - 2016-01-25 05:52 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 14:02 - 2016-01-25 05:52 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 14:02 - 2016-01-25 05:52 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-02-10 14:02 - 2016-01-25 05:52 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 14:02 - 2016-01-25 05:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 14:02 - 2016-01-25 05:51 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 14:02 - 2016-01-25 05:51 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 14:02 - 2016-01-25 05:51 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 14:02 - 2016-01-25 05:51 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 14:02 - 2016-01-25 05:51 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 14:02 - 2016-01-25 05:51 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-02-10 14:02 - 2016-01-25 05:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-02-10 14:02 - 2016-01-25 05:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-02-04 22:44 - 2016-02-04 22:44 - 00143760 _____ C:\Windows\Minidump\Mini020416-01.dmp
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-02 21:25 - 2014-05-03 20:53 - 00000000 ____D C:\FRST
2016-03-02 21:23 - 2009-06-30 20:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-02 21:21 - 2015-02-23 18:39 - 00000000 ___RD C:\Users\*****\Dropbox
2016-03-02 21:21 - 2015-02-23 18:27 - 00000000 ____D C:\Users\*****\AppData\Roaming\Dropbox
2016-03-02 21:15 - 2009-06-30 20:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-02 21:15 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-02 21:15 - 2006-11-02 13:47 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-02 21:15 - 2006-11-02 13:47 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-02 21:13 - 2006-11-02 14:01 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-02 20:50 - 2015-06-19 07:40 - 00001232 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492898777-1315905052-4281177461-1000UA.job
2016-03-02 20:50 - 2014-05-04 13:21 - 00000000 ____D C:\AdwCleaner
2016-03-02 20:30 - 2012-04-09 16:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-01 14:11 - 2015-06-06 08:48 - 00066976 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2016-03-01 10:50 - 2015-06-19 07:40 - 00001180 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492898777-1315905052-4281177461-1000Core.job
2016-03-01 00:32 - 2015-12-29 12:41 - 00000000 ____D C:\Users\*****\AppData\Local\gtk-2.0
2016-02-28 17:08 - 2015-06-08 19:43 - 00039304 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2016-02-28 16:51 - 2015-07-04 02:18 - 00044728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-02-28 16:21 - 2009-04-18 17:29 - 00000000 ____D C:\Users\*****
2016-02-28 16:21 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\inf
2016-02-28 11:33 - 2013-02-24 12:23 - 00000000 ____D C:\Program Files\Avira
2016-02-28 11:22 - 2014-08-08 07:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-28 11:22 - 2013-02-24 12:23 - 00000000 ____D C:\ProgramData\Avira
2016-02-27 13:19 - 2009-07-03 12:18 - 00000000 ____D C:\Windows\Minidump
2016-02-27 13:18 - 2012-03-11 20:10 - 282812039 _____ C:\Windows\MEMORY.DMP
2016-02-27 09:19 - 2009-04-20 01:04 - 00150016 _____ C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-25 15:59 - 2009-04-19 09:11 - 00000000 ____D C:\Program Files\PokerTracker 3
2016-02-25 15:57 - 2009-04-19 10:24 - 00000000 ____D C:\Users\*****\AppData\Local\PokerStars.EU
2016-02-24 13:03 - 2015-12-29 12:46 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2016-02-24 10:14 - 2014-05-04 12:05 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-22 17:19 - 2006-11-02 12:18 - 00000000 __RSD C:\Windows\Media
2016-02-21 19:45 - 2013-06-19 09:01 - 00001749 _____ C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2016-02-21 19:45 - 2012-10-01 15:40 - 00001731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2016-02-21 19:45 - 2012-10-01 15:40 - 00000000 ____D C:\Program Files\PokerStars.EU
2016-02-19 21:31 - 2014-02-22 13:43 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 21:23 - 2008-01-21 08:16 - 01651918 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-19 21:23 - 2008-01-21 08:15 - 00705688 _____ C:\Windows\system32\perfh007.dat
2016-02-19 21:23 - 2008-01-21 08:15 - 00159356 _____ C:\Windows\system32\perfc007.dat
2016-02-18 00:02 - 2016-01-09 15:46 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-02-18 00:02 - 2012-05-02 20:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-12 10:01 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2016-02-12 09:36 - 2006-11-02 13:47 - 00421272 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-12 00:32 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-12 00:32 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2016-02-11 19:27 - 2013-08-15 09:12 - 00000000 ____D C:\Windows\system32\MRT
2016-02-11 19:10 - 2006-11-02 11:24 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-02-10 00:30 - 2012-04-09 16:28 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-10 00:30 - 2011-06-15 08:21 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2004-01-26 16:15 - 2004-01-26 16:15 - 0233472 ____R () C:\Users\*****\AppData\Roaming\MafiaSetup.exe
2009-08-27 13:06 - 2009-08-28 14:07 - 0007887 _____ () C:\Users\*****\AppData\Roaming\pcouffin.cat
2009-08-27 13:06 - 2009-08-28 14:07 - 0001144 _____ () C:\Users\*****\AppData\Roaming\pcouffin.inf
2009-08-28 14:07 - 2009-08-28 14:07 - 0000033 _____ () C:\Users\*****\AppData\Roaming\pcouffin.log
2009-08-27 13:06 - 2009-08-28 14:07 - 0047360 _____ (VSO Software) C:\Users\*****\AppData\Roaming\pcouffin.sys
2009-04-19 12:11 - 2009-04-19 13:01 - 0000108 _____ () C:\Users\*****\AppData\Roaming\wklnhst.dat
2009-04-18 17:29 - 2013-03-16 19:09 - 0001356 _____ () C:\Users\*****\AppData\Local\d3d9caps.dat
2009-04-20 01:04 - 2016-02-27 09:19 - 0150016 _____ () C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-05-10 12:54 - 2009-05-10 12:54 - 0000095 _____ () C:\Users\*****\AppData\Local\fusioncache.dat
2016-03-01 00:40 - 2016-03-01 00:40 - 0001243 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2011-03-29 07:02 - 2011-03-29 07:02 - 0005078 _____ () C:\ProgramData\bltofzsb.qlf
2009-06-16 13:25 - 2009-06-16 13:25 - 0121512 ____R () C:\ProgramData\DeviceManager.xml.rc4
2012-04-28 22:41 - 2012-04-28 22:41 - 0004969 _____ () C:\ProgramData\oinwddee.jeg
Einige Dateien in TEMP:
====================
C:\Users\*****\AppData\Local\temp\avgnt.exe
C:\Users\*****\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5pzsek.dll
C:\Users\*****\AppData\Local\temp\jre-8u31-windows-au.exe
C:\Users\*****\AppData\Local\temp\jre-8u60-windows-au.exe
C:\Users\*****\AppData\Local\temp\jre-8u71-windows-au.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-02 21:24
==================== Ende vom FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-02-2016 01
durchgeführt von *****(2016-03-02 21:27:32)
Gestartet von C:\Users\\Desktop\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2009-04-18 16:20:40)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1492898777-1315905052-4281177461-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1492898777-1315905052-4281177461-1006 - Limited - Enabled)
autor (S-1-5-21-1492898777-1315905052-4281177461-1003 - Limited - Enabled) => C:\Users\autor
*****(S-1-5-21-1492898777-1315905052-4281177461-1000 - Administrator - Enabled) => C:\Users\
Gast (S-1-5-21-1492898777-1315905052-4281177461-501 - Limited - Disabled)
postgres (S-1-5-21-1492898777-1315905052-4281177461-1004 - Limited - Enabled) => C:\Users\postgres
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
AAC Decoder (HKLM\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{308B6AEA-DE50-4666-996D-0FA461719D6B}) (Version: 3.3.0.69 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{60B8D26D-5D6D-21D5-0366-3664E5DE3471}) (Version: 3.0.728.0 - ATI Technologies, Inc.)
Audiograbber 1.83 SE (HKLM\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Bonjour (HKLM\...\{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}) (Version: 2.0.3.0 - Apple Inc.)
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq4809) (Version: - )
ccc-core-preinstall (Version: 2008.1201.1504.27008 - ATI) Hidden
ccc-core-static (Version: 2008.1201.1504.27008 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.05 - Piriform)
Celtx (2.9.7) (HKLM\...\Celtx (2.9.7)) (Version: 2.9.7 (de) - Greyfirst)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crystal Reports Basic Runtime for Visual Studio 2008 (HKLM\...\{CE26F10F-C80F-4377-908B-1B7882AE2CE3}) (Version: 10.5.0.0 - Business Objects)
Day Organizer, ver. 2.2.1.2 (HKLM\...\{B1370260-CCF7-483A-ACA0-58C353619467}) (Version: 2.2.1102 - Patrik Tanzer)
Dia (nur entfernen) (HKLM\...\Dia) (Version: - )
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.9.1 - DivX, Inc.)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Plus Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 2.0.0 - DivX,Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
Dragon NaturallySpeaking 10 (HKLM\...\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}) (Version: 10.0.200 - Nuance Communications Inc.)
Dropbox (HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
EAX Unified (HKLM\...\EAX Unified) (Version: - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Fences (HKLM\...\Fences) (Version: - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Filmmakers Video Uploader (HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\Filmmakers Video Uploader) (Version: - Filmmakers)
Full Tilt Poker.Eu (HKLM\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.59.12.WIN.FullTilt.EU - )
GNU Backgammon (Version 1_05_000, 20150725) (HKLM\...\GNU Backgammon_is1) (Version: - Free Software Foundation)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
H.264 Decoder (HKLM\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.1.0 - DivX, Inc.)
iPhone-Konfigurationsprogramm (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Kaspersky Internet Security (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Lightworks (HKLM\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.5.0.0 - Lightworks)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MFC RunTime files (Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MKV Splitter (HKLM\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.1 - DivX, Inc.)
MozBackup 1.4.9 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 44.0.2 (x86 de) (HKLM\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\MPEG4E) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{47948554-90C6-4AAC-8CFA-D23CE11C1031}) (Version: 8.3.124 - Nero AG)
Opera Stable 19.0.1326.63 (HKLM\...\Opera 19.0.1326.63) (Version: 19.0.1326.63 - Opera Software ASA)
PC Connectivity Solution (HKLM\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDF Architect 2 (HKLM\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
PKR (HKLM\...\PKR) (Version: - PKR Ltd)
PokerStars (HKLM\...\PokerStars) (Version: - PokerStars)
PokerStars.eu (HKLM\...\PokerStars.eu) (Version: - PokerStars.eu)
PokerTracker 3 (remove only) (HKLM\...\PokerTracker3) (Version: - )
PokerTracker 4 (remove only) (HKLM\...\PokerTracker4) (Version: - )
PostgreSQL 8.3 (HKLM\...\{B823632F-3B72-4514-8861-B961CE263224}) (Version: 8.3 - PostgreSQL Global Development Group)
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG SYMBIAN USB Download Driver (HKLM\...\{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}) (Version: 1.1.808.7165 - SAMSUNG Electronics CO,.LTD)
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
SamsungConnectivityCableDriver (HKLM\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Scrivener (HKLM\...\Scrivener 1730) (Version: 1730 - Literature and Latte)
Security Task Manager 1.8c (HKLM\...\Security Task Manager) (Version: 1.8c - Neuber Software)
Skins (Version: 2008.1201.1504.27008 - ATI) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SMPlayer 0.6.9 (HKLM\...\SMPlayer) (Version: 0.6.9 - RVM)
Speccy (HKLM\...\Speccy) (Version: 1.03 - Piriform)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
SumatraPDF (HKLM\...\SumatraPDF) (Version: 1.5.1 - Krzysztof Kowalczyk)
TableNinja (HKLM\...\{FB3F2F5E-349B-4425-ACB4-B59D7BF81822}) (Version: 1.1.25 - ALXSoftware)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
Tomb Raider: Anniversary 1.0 (HKLM\...\Tomb Raider: Anniversary) (Version: - )
UB (HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\UB) (Version: - )
Unity Web Player (HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Visual C++ Runtime for Dragon NaturallySpeaking (HKLM\...\{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}) (Version: 10.00.200.017 - Nuance Communications Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.17550 - Vodafone)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F) (Version: 10/12/2007 6.85.4.0 - Nokia)
WinRAR 4.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WritePro Fiction (HKLM\...\WritePro Fiction) (Version: - )
WritePro FictionMaster (HKLM\...\WritePro FictionMaster) (Version: - )
YOU DON'T KNOW JACK® (HKLM\...\YDKJG) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{16753564-CEFD-4C69-9F32-850B30421898}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{1F274CE7-6D10-4ED8-B8CB-F6E6CF588D2B}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{24DD3FD9-494E-46C1-BA88-CC5767A11057}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{5BAF0283-793D-4A38-AA0D-11EDD499A334}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{600E7B70-2A8E-4D30-BA32-90B8E4D220BC}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{609EC0E6-3054-4D06-A2FA-9957E26351A7}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{68A874E7-8EF6-423F-8E37-C5785FB735D3}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{764575F8-C8F3-491E-94E9-9EC8F8A88005}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{9617017E-A373-472E-8973-B3B143922EEA}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{9705ECE3-137C-41B1-8F9A-C32B3AC4C777}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{B12625F9-2B2A-41CF-BDD2-D64E3F332504}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{B63545AB-0EB7-4E99-9AFF-1EB43624B0DF}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{D7FD0D2C-1C00-4D6B-80E4-3583A9CC3180}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{E1911E0C-F857-4C42-AE4A-DBCBEEDB3283}\InprocServer32 -> C:\Windows\system32\Codejock.Calendar.Unicode.v13.4.1.ocx (Codejock Software)
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {248CC901-CECB-410E-ABF4-19FC74C3B8F1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1492898777-1315905052-4281177461-1000Core => C:\Users\\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {2521A672-E439-45E5-8750-84D2A1ADDDDC} - System32\Tasks\{0DC00000-ABE6-4320-9AD1-DA94C5D042AD} => pcalua.exe -a E:\monsetup.exe -d E:\
Task: {36412CE9-E713-41BE-A89A-22995878A504} - System32\Tasks\{11604F24-6048-47F9-B85F-38F2788D0DDC} => pcalua.exe -a "D:\Treiber\Windows Vista\01. AMD Chipset\Setup.exe" -d "D:\Treiber\Windows Vista\01. AMD Chipset"
Task: {41811E5E-4509-40F2-9602-9ACE7A525AD7} - System32\Tasks\Core Temp Autostart *****=> C:\Users\\AppData\Local\Temp\Rar$EX63.960\Core Temp.exe [2013-10-08] () <==== ACHTUNG
Task: {74D65E48-BA10-42C8-BA13-77789A765317} - System32\Tasks\{0CF56F4C-0164-49EC-BB60-4C64FEFCCFC1} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/eula?source=lightinstaller
Task: {964195FE-AE42-4E5D-9254-CC0970A645DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A058DE35-0CA2-4008-8A55-13ABC0263EDC} - System32\Tasks\{B464682D-218D-4A33-AD7C-7ACDFD031A27} => pcalua.exe -a E:\wp-setup.exe -d E:\
Task: {A6EEDAEB-0FD1-47BD-B542-9F070123ECFA} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files\CHIP Updater\CHIPUpdater.exe [2014-09-19] (CHIP)
Task: {BFCAFF09-2BA7-4946-B128-F1AD1FD36152} - System32\Tasks\{865890C3-A78C-4F34-B453-EF3CD5384CCF} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {D98F0155-CCCB-4DBC-A3CC-36E85082E213} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1492898777-1315905052-4281177461-1000UA => C:\Users\\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {E1718456-93E9-43EE-B62B-3AE47DD7CDF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {EB3E6811-69AF-408F-811B-8B5CF0544052} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {F1DDB829-B93F-4A21-BAD6-A462C1CAB446} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {F4BC0A81-166D-409C-B9FC-EC00E1565467} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {F781C4EF-AC70-4E38-91A7-D02A0131D0E4} - System32\Tasks\{FD11BF18-C2D7-4FF1-9897-76C56978A37D} => pcalua.exe -a E:\wp-setup.exe -d E:\
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492898777-1315905052-4281177461-1000Core.job => C:\Users\\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1492898777-1315905052-4281177461-1000UA.job => C:\Users\\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2008-09-19 02:03 - 2008-09-19 02:03 - 00167936 _____ () C:\Program Files\PostgreSQL\8.3\bin\LIBPQ.dll
2006-11-06 17:18 - 2006-11-06 17:18 - 00963584 _____ () C:\Program Files\PostgreSQL\8.3\bin\libxml2.dll
2005-07-20 05:48 - 2005-07-20 05:48 - 00059904 _____ () C:\Program Files\PostgreSQL\8.3\bin\zlib1.dll
2008-02-04 21:43 - 2008-02-04 21:43 - 00027136 _____ () C:\Program Files\PostgreSQL\8.3\lib\plugins\plugin_debugger.dll
2015-03-25 19:42 - 2013-10-08 13:22 - 00794272 _____ () C:\Users\\AppData\Local\Temp\Rar$EX63.960\Core Temp.exe
2008-12-01 21:46 - 2009-05-16 04:22 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2016-02-19 10:00 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-19 10:00 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-02-19 10:00 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-19 10:00 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-19 10:00 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00019760 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-19 10:00 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-02-19 10:00 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-19 10:00 - 2016-02-16 19:39 - 00381752 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-19 10:00 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-19 10:00 - 2016-02-16 19:38 - 00020816 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-19 10:00 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-19 10:00 - 2016-02-16 19:38 - 01682760 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-19 10:00 - 2016-02-16 19:38 - 00020808 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00021840 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00038696 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-19 10:00 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-19 10:00 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-19 10:00 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-19 10:00 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00021832 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-19 10:00 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-19 10:00 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-19 10:00 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-19 10:00 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-19 10:00 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-19 10:00 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00026456 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-19 10:00 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-19 10:00 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-19 10:00 - 2016-02-16 19:38 - 00117056 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00024392 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-19 10:00 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-19 10:00 - 2016-02-16 19:39 - 00023376 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-19 10:00 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-19 10:00 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-19 10:00 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00052024 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00021824 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00019776 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00020800 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-19 10:00 - 2016-02-16 19:38 - 00020280 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-19 10:00 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00022352 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00084792 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.dll
2016-02-19 10:00 - 2016-02-16 19:39 - 01826096 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-19 10:00 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\sip.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 03928880 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 01971504 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00531248 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00132912 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00223544 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00207672 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00158008 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-19 10:00 - 2016-02-16 19:39 - 00042808 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-19 10:00 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-19 10:00 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-19 10:00 - 2016-02-16 19:39 - 00024904 _____ () C:\Users\\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2009-04-18 19:30 - 2009-04-18 19:30 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2011-03-30 07:40 - 2011-03-02 11:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 5108 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2006-11-02 11:23 - 2014-12-04 11:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1492898777-1315905052-4281177461-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1492898777-1315905052-4281177461-1004\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{492BB7DB-E493-4C16-9693-D4F325749766}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{E98A359B-3538-45CF-BDFB-07D02D7C67BA}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [TCP Query User{93016D79-B339-4486-9023-B8B13BD47EAB}C:\program files\zattoo\zattood.exe] => (Allow) C:\program files\zattoo\zattood.exe
FirewallRules: [UDP Query User{9CF4633D-45D4-4F69-AE2D-58E5D3CD7578}C:\program files\zattoo\zattood.exe] => (Allow) C:\program files\zattoo\zattood.exe
FirewallRules: [TCP Query User{6AD78A4E-2831-49B7-AC0D-80BE6CFB20F3}C:\program files\zattoo\zattoo.exe] => (Allow) C:\program files\zattoo\zattoo.exe
FirewallRules: [UDP Query User{0B9A8D8C-1353-4DB2-8327-6DBAB5F11295}C:\program files\zattoo\zattoo.exe] => (Allow) C:\program files\zattoo\zattoo.exe
FirewallRules: [TCP Query User{E39524B4-A99B-4A1F-968B-FD08A14B1B9A}C:\program files\weq\gvdownloader\gvdownloader.ui.exe] => (Allow) C:\program files\weq\gvdownloader\gvdownloader.ui.exe
FirewallRules: [UDP Query User{46B26B5D-86E8-49B2-A01B-42E8971F6652}C:\program files\weq\gvdownloader\gvdownloader.ui.exe] => (Allow) C:\program files\weq\gvdownloader\gvdownloader.ui.exe
FirewallRules: [TCP Query User{FE1D2449-3D4B-456E-B998-569822BBD735}C:\program files\emule\emule.exe] => (Allow) C:\program files\emule\emule.exe
FirewallRules: [UDP Query User{59255F16-94E9-4FA5-8571-E98299D16EDA}C:\program files\emule\emule.exe] => (Allow) C:\program files\emule\emule.exe
FirewallRules: [{E838F6BF-97DD-409B-A49C-E6CEA1C890F6}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{E209EDC4-9A15-441E-9C1D-16148A179F4E}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{3A9F98D6-6DFA-4FDB-B1D4-9341325F0CCA}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{3F96A377-497A-450E-BB71-A4CE9FA444D6}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{64423B1B-4728-4635-8E5A-A3D3E59B242D}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{6C952451-8B95-494F-B59C-84A39CBE3357}] => (Allow) C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{32930CD0-B066-4E7C-9BE0-56E1B58AA6AC}C:\program files\zattoo\zattood.exe] => (Allow) C:\program files\zattoo\zattood.exe
FirewallRules: [UDP Query User{EE0E78C1-09A7-4FF1-A2D3-1CBAA8299C03}C:\program files\zattoo\zattood.exe] => (Allow) C:\program files\zattoo\zattood.exe
FirewallRules: [TCP Query User{A381992D-CE31-4918-AEDE-620506AFF19B}C:\program files\klebezettel ng\klebez.exe] => (Allow) C:\program files\klebezettel ng\klebez.exe
FirewallRules: [UDP Query User{4F168BE8-5CA3-4359-A8FE-8BCF43D25912}C:\program files\klebezettel ng\klebez.exe] => (Allow) C:\program files\klebezettel ng\klebez.exe
FirewallRules: [{DE8404FB-3A80-4024-B4D6-FCD5C6F0343B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DC1EF0EC-CF9D-42B7-9E74-4B48B45F3367}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC239294-891F-480A-916E-64CD098130C4}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{CFF43058-DD25-423E-A1BC-9A6E4FAA5E3B}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{80BE424E-6472-4409-A894-1CBE4E4FB37E}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{EC9C518D-891C-4680-8015-976A25D5175C}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{E26389A5-DD02-472C-98FA-5FD1F0D8F01D}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{1336E1A9-541C-4352-9FA9-746F6D0096B1}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{7BFDB88A-F455-4C59-8A2E-B177237457E1}] => (Allow) LPort=80
FirewallRules: [{C92072FF-E4FD-460D-9B10-ECD63F5D419E}] => (Allow) LPort=80
FirewallRules: [{21E5AFD2-5754-48FF-9173-AAC4758526F5}] => (Allow) LPort=80
FirewallRules: [TCP Query User{40E2BFAE-7CF2-4A5D-A3BB-0D69786B088E}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{ED71901E-8449-4399-AAEC-278B9F9AC9AA}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{0C01BEF1-1C03-461E-A665-F454397A525B}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{1CFF0173-8372-4599-AF4A-A79065B95AC6}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{2A47DF2A-7BA1-47FE-A5B0-D1F7BF515CB4}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [{56EA5D80-AE56-42F3-9E9A-C32A82CCD6BA}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{3743AC4C-9F6B-4376-B6DF-C5178EAFD295}] => (Allow) C:\Users\\AppData\Local\temp\7zS3D97\HPDiagnosticCoreUI.exe
FirewallRules: [{AF7AC75B-5570-48B0-AABC-DDAE779462EE}] => (Allow) C:\Users\\AppData\Local\temp\7zS3D97\HPDiagnosticCoreUI.exe
FirewallRules: [{B9047BBD-112C-4D54-B7F0-6972329B027F}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{30A70C17-3DAD-4557-870C-C085BA4FA632}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{972DFE16-E6DF-4395-8733-C5D7D79C2672}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D6742892-1169-40FF-85C1-86ACE7E3558C}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7C9D8530-2C5C-475E-BA20-5CFCFB69B5DF}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{36493E41-6F96-46E4-A0CF-55F4C1F5D4BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{930DA1BC-1F9F-4A95-BA42-8E63D7E784DB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{91F4979A-CED3-4FFD-AA21-2F0ABFB95690}] => (Allow) C:\Users\\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0DB84619-C63B-4941-9717-FECACE93B4A6}] => (Allow) C:\Users\\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{EF5D22CF-28FD-49DD-BA13-6F8214AEA82A}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{194F9799-1435-41ED-9AE8-92EBA13ABFAB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{03AC5E19-CB51-41B9-8CCB-48DA969EA630}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{54CA03C9-80F1-4F5B-9B44-B15D22395806}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5E51FD4F-D2A9-45D1-8437-57606535796E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
08-02-2016 00:00:03 Geplanter Prüfpunkt
09-02-2016 14:22:13 Windows Update
10-02-2016 16:03:44 Geplanter Prüfpunkt
11-02-2016 18:54:29 Windows Update
12-02-2016 13:04:30 Geplanter Prüfpunkt
13-02-2016 12:57:20 Geplanter Prüfpunkt
14-02-2016 11:03:30 Geplanter Prüfpunkt
15-02-2016 00:03:19 Geplanter Prüfpunkt
15-02-2016 13:40:18 Geplanter Prüfpunkt
16-02-2016 21:05:08 Windows Update
17-02-2016 14:30:01 Geplanter Prüfpunkt
18-02-2016 12:48:32 Geplanter Prüfpunkt
19-02-2016 19:22:35 Geplanter Prüfpunkt
20-02-2016 08:57:49 Geplanter Prüfpunkt
21-02-2016 15:10:27 Geplanter Prüfpunkt
22-02-2016 17:17:51 Gerätetreiber-Paketinstallation: Canon Bildverarbeitungsgeräte
23-02-2016 09:56:24 Windows Update
24-02-2016 09:09:09 Geplanter Prüfpunkt
24-02-2016 21:20:55 Geplanter Prüfpunkt
25-02-2016 13:49:30 Geplanter Prüfpunkt
26-02-2016 13:47:20 Windows Update
27-02-2016 11:02:51 Geplanter Prüfpunkt
28-02-2016 10:57:57 First Restore Point
28-02-2016 11:04:47 Gerätetreiber-Paketinstallation: Kaspersky Lab Netzwerkdienst
28-02-2016 11:08:11 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 11:08:30 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 11:10:05 Gerätetreiber-Paketinstallation: Kaspersky Lab ZAO Systemgeräte
28-02-2016 11:11:37 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 11:13:08 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 11:14:37 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 16:04:30 First Restore Point
28-02-2016 16:08:27 Gerätetreiber-Paketinstallation: Kaspersky Lab Netzwerkdienst
28-02-2016 16:11:40 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 16:11:55 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 16:13:29 Gerätetreiber-Paketinstallation: Kaspersky Lab ZAO Systemgeräte
28-02-2016 16:15:01 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 16:16:29 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 16:17:59 Gerätetreiber-Paketinstallation: Kaspersky Lab
28-02-2016 16:19:31 Gerätetreiber-Paketinstallation: Kaspersky Lab
29-02-2016 09:45:30 First Restore Point
29-02-2016 10:02:47 First Restore Point
29-02-2016 10:06:11 First Restore Point
01-03-2016 10:02:17 Windows Update
01-03-2016 14:13:42 First Restore Point
02-03-2016 13:00:53 Geplanter Prüfpunkt
02-03-2016 21:06:37 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft-ISATAP-Adapter #5
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/02/2016 09:18:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.0.6002.18005 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: c40
Anfangszeit: 01d174c055ae8380
Zeitpunkt der Beendigung: 4057
Error: (03/02/2016 09:16:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/02/2016 09:15:57 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (03/02/2016 08:57:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/02/2016 08:56:56 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (03/02/2016 08:38:11 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (03/02/2016 08:38:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\C5IUC1QU.DEFAULT-1427055446091\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (03/02/2016 08:38:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\C5IUC1QU.DEFAULT-1427055446091\SAFEBROWSING> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (03/02/2016 08:24:24 PM) (Source: Microsoft Office 12) (EventID: 2001) (User: )
Description: Rejected Safe Mode action : Microsoft Office Word.
Error: (03/02/2016 11:30:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (03/02/2016 08:59:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000PlugPlay
Error: (03/02/2016 08:37:41 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: 1Neustart des DienstsWindows Search%%1056
Error: (03/02/2016 08:37:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Presentation Foundation Font Cache 4.0.0.0101Neustart des Diensts
Error: (03/02/2016 08:37:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Vodafone Mobile Connect Service1600001Neustart des Diensts
Error: (03/02/2016 08:37:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Neustart des Diensts
Error: (03/02/2016 08:37:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: PLFlash DeviceIoControl Service1
Error: (03/02/2016 08:37:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: PostgreSQL Database Server 8.31
Error: (03/02/2016 08:37:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Nero BackItUp Scheduler 31
Error: (03/02/2016 08:37:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: FsUsbExService1
Error: (03/02/2016 08:37:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bonjour"1
CodeIntegrity:
===================================
Date: 2016-03-02 21:26:39.794
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-03-02 21:26:38.955
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-03-02 21:26:38.184
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-03-02 21:26:37.389
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-03-02 21:26:35.360
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klbackupdisk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-03-02 21:26:34.387
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klbackupdisk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-03-02 21:26:33.660
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klbackupdisk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-03-02 21:26:32.772
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klbackupdisk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-03-02 21:26:31.911
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kl1.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-03-02 21:26:31.163
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kl1.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) 7750 Dual-Core Processor
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 3325.39 MB
Verfügbarer physikalischer RAM: 1694.56 MB
Summe virtueller Speicher: 6867.27 MB
Verfügbarer virtueller Speicher: 4363.38 MB
==================== Laufwerke ================================
Drive c: (BOOT) (Fixed) (Total:576.17 GB) (Free:176.96 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:9.86 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 2BAB359D)
Partition 1: (Active) - (Size=576.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)
==================== Ende vom Addition.txt ============================
Geändert von Dramatist (02.03.2016 um 22:31 Uhr) Grund: Anonymisierung |
| Themen zu Mausprobleme, Rechner fährt nicht richtig runter, Malewarebytes ist fündig geworden |
| antivir, antivirus, avira, bildschirm, bonjour, converter, desktop, dnsapi.dll, entfernen, excel, failed, firefox, flash player, frage, helper, home, installation, mozilla, programm, registry, required, scan, security, software, svchost.exe, vista, windows |
Baum-Darstellung