| |
| |||||||
Log-Analyse und Auswertung: Warnmeldung von Secure BankingWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
20.06.2016, 12:47
| #1 |
 |  Warnmeldung von Secure Banking Hallo  Ich bekomme des Öfteren eine Warnmeldung von Securebanking mit dem Hinweis, kein OnlineBanking zu nutzen. Code:
ATTFilter ========================================
[04.06.2016 - 00:40:01] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x6B09ACA0
PR_Read: JMP 0x6B09AC70
========================================
========================================
[04.06.2016 - 00:50:35] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x6B1AACA0
PR_Read: JMP 0x6B1AAC70
========================================
========================================
[07.06.2016 - 14:24:45] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x7017ACA0
PR_Read: JMP 0x7017AC70
========================================
========================================
[07.06.2016 - 23:02:47] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x7017ACA0
PR_Read: JMP 0x7017AC70
========================================
========================================
[08.06.2016 - 01:18:00] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x7013ACA0
PR_Read: JMP 0x7013AC70
========================================
========================================
[09.06.2016 - 22:48:05] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x7013ACA0
PR_Read: JMP 0x7013AC70
========================================
========================================
[10.06.2016 - 14:39:21] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x7013ACA0
PR_Read: JMP 0x7013AC70
========================================
========================================
[10.06.2016 - 14:58:41] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x7145ACA0
PR_Read: JMP 0x7145AC70
========================================
========================================
[10.06.2016 - 23:02:57] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x68A4ACA0
PR_Read: JMP 0x68A4AC70
========================================
========================================
[11.06.2016 - 01:04:56] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x68A4ACA0
PR_Read: JMP 0x68A4AC70
========================================
========================================
[11.06.2016 - 09:21:02] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x68A4ACA0
PR_Read: JMP 0x68A4AC70
========================================
========================================
[14.06.2016 - 13:26:11] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x68A4ACA0
PR_Read: JMP 0x68A4AC70
========================================
========================================
[14.06.2016 - 21:25:01] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x68A4ACA0
PR_Read: JMP 0x68A4AC70
========================================
========================================
[14.06.2016 - 21:25:15] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x68A4ACA0
PR_Read: JMP 0x68A4AC70
========================================
========================================
[14.06.2016 - 22:04:03] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x7013ACA0
PR_Read: JMP 0x7013AC70
========================================
========================================
[14.06.2016 - 23:20:04] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x7013ACA0
PR_Read: JMP 0x7013AC70
========================================
========================================
[15.06.2016 - 11:43:53] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x613EACA0
PR_Read: JMP 0x613EAC70
========================================
========================================
[15.06.2016 - 18:51:13] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x613EACA0
PR_Read: JMP 0x613EAC70
========================================
========================================
[16.06.2016 - 12:40:00] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x5FA8ACA0
PR_Read: JMP 0x5FA8AC70
========================================
========================================
[16.06.2016 - 13:30:41] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x6BC2ACA0
PR_Read: JMP 0x6BC2AC70
========================================
========================================
[16.06.2016 - 13:59:35] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x6BC2ACA0
PR_Read: JMP 0x6BC2AC70
========================================
========================================
[16.06.2016 - 16:48:49] Malware gefunden!
----------------------------------------
Malware: Unbekannt
----------------------------------------
Infizierter Prozess: firefox.exe
----------------------------------------
Infizierte Funktionen:
PR_Write: JMP 0x6BC0ACA0
PR_Read: JMP 0x6BC0AC70
========================================
Code:
ATTFilter Datum: 17.06.2016
Malware: unbekannt
BrowserV Firefox
Aktion: Blocked
API: PR_Read
Hook Methode: JMP/CALL
Zieladresse 0x635cac70
API: PR_Write
Hook Methode: JMP/CALL
Zieladresse 0x635caca0
Datum: 20.06.2016
Malware: unbekannt
BrowserV Firefox
Aktion: Blocked
API: PR_Read
Hook Methode: JMP/CALL
Zieladresse 0x635cac70
API: PR_Write
Hook Methode: JMP/CALL
Zieladresse 0x635caca0
Hier das FRST Log: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 19-06-2016 01 durchgeführt von XXXXX (Administrator) auf LAPTOP (20-06-2016 13:20:18) Gestartet von C:\Users\XXXXX\Desktop Geladene Profile: XXXXX & (Verfügbare Profile: XXXXX & Gast) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Secunia) C:\Program Files\Secunia\PSI\psia.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe (Citrix Systems, Inc.) C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\concentr.exe (Secunia) C:\Program Files\Secunia\PSI\sua.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (Citrix Systems, Inc.) C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\wfcrun32.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe (Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Machinecode Technologies) C:\Program Files\Machinecode Technologies\Secure Banking\SecureBanking.exe () C:\Program Files\Machinecode Technologies\Secure Banking\sbservice.exe (Microsoft Corporation) C:\Windows\Temp\0E893478-FF0A-4292-9AC6-05E84124D814\DismHost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1316136 2008-06-20] (Synaptics, Inc.) HKLM\...\Run: [DpAgent] => C:\Program Files\DigitalPersona\Bin\dpagent.exe [842816 2009-04-17] (DigitalPersona, Inc.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-07-21] (IDT, Inc.) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.) HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM\...\Run: [ConnectionCenter] => C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\concentr.exe [103768 2009-09-13] (Citrix Systems, Inc.) HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\update\realsched.exe [296056 2012-05-18] (RealNetworks, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-03-19] (Apple Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) HKLM\...\Run: [SecureBanking] => C:\Program Files\Machinecode Technologies\Secure Banking\SecureBanking.exe [1770496 2016-06-20] (Machinecode Technologies) HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,, HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [1128000 2014-06-03] (BillP Studios) HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\MountPoints2: {21f6d865-1543-11e0-bda8-00238b327113} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\MountPoints2: {5fbe7ff5-8b09-11e0-a66f-001167b9d20a} - G:\AutoRun.exe HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\MountPoints2: {5fbe8005-8b09-11e0-a66f-001167b9d20a} - G:\AutoRun.exe HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\MountPoints2: {9b0eb52d-a5b7-11e1-a46e-001167b9d20a} - G:\install-tl.bat HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [1128000 2014-06-03] (BillP Studios) HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {21f6d865-1543-11e0-bda8-00238b327113} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5fbe7ff5-8b09-11e0-a66f-001167b9d20a} - G:\AutoRun.exe HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5fbe8005-8b09-11e0-a66f-001167b9d20a} - G:\AutoRun.exe HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9b0eb52d-a5b7-11e1-a46e-001167b9d20a} - G:\install-tl.bat Lsa: [Notification Packages] scecli DPPWDFLT Startup: C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2016-04-25] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * bddel.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{34A61A64-7F90-4FE5-82C8-6FF9580B7146}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-117767610-4170920979-3955755671-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: HKU\S-1-5-21-117767610-4170920979-3955755671-1000 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei URLSearchHook: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei SearchScopes: HKU\S-1-5-21-117767610-4170920979-3955755671-1000 -> DefaultScope {C3F162DB-0DE1-45D9-B94C-89F5253561B0} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-117767610-4170920979-3955755671-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-117767610-4170920979-3955755671-1000 -> {C3F162DB-0DE1-45D9-B94C-89F5253561B0} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {C3F162DB-0DE1-45D9-B94C-89F5253561B0} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C3F162DB-0DE1-45D9-B94C-89F5253561B0} URL = hxxp://www.google.de/search?q={searchTerms} BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Co.) BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-18] (RealPlayer) BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-04-17] (DigitalPersona, Inc.) BHO: SwissAcademic.Citavi.Picker.IEPicker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-04] (Oracle Corporation) BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-04] (Oracle Corporation) BHO: NJStarBHO Class -> {E74F179F-F6CC-4BE0-9638-DEA49583953F} -> C:\Program Files\NJStar Communicator\NJStarBHO32.dll [2011-05-26] (NJStar Software Corp.) BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Co.) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKU\.DEFAULT -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-117767610-4170920979-3955755671-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-117767610-4170920979-3955755671-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_60-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_60-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_60-windows-i586.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.) FireFox: ======== FF ProfilePath: C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default FF DefaultSearchEngine: Startpage (SSL) FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: hxxp://www.helpuu.com/ FF Session Restore: -> ist aktiviert. FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-04] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin: @real.com/nppl3260;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-05-18] (RealPlayer) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.) FF Plugin: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin HKU\S-1-5-21-117767610-4170920979-3955755671-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CCMSDK.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\cgpcfg.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CgpCore.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\confmgr.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxlogging.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxmui.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icafile.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icalogon.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npicaN.dll [2009-09-13] () FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2012-05-18] (RealPlayer) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll [2009-08-14] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\TcpPServ.dll [2009-09-13] (Citrix Systems, Inc.) FF SearchPlugin: C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\searchplugins\startpage-ssl.xml [2016-01-03] FF SearchPlugin: C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\searchplugins\youtube.xml [2016-01-03] FF Extension: NoScript - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07] FF Extension: DownThemAll! - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-04-14] FF Extension: DownThemAll! AntiContainer - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\anticontainer@downthemall.net.xpi [2016-04-14] FF Extension: Ghostery - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\firefox@ghostery.com.xpi [2016-05-04] FF Extension: uBlock Origin - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\uBlock0@raymondhill.net.xpi [2016-05-03] FF Extension: 1-Click YouTube Video Downloader - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2016-04-05] FF Extension: FireShot - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-06-04] FF Extension: EPUBReader - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2016-02-16] FF Extension: Adblock Plus - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] FF Extension: Greasemonkey - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-04-29] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-06-10] [ist nicht signiert] FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2016-06-10] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-11] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt [2010-12-11] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2013-10-02] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-18] [ist nicht signiert] FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff => nicht gefunden FF HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext FF HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext FF HKU\S-1-5-21-117767610-4170920979-3955755671-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-03-14] Chrome: ======= CHR Profile: C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-11-02] CHR Extension: (NJStar Chromate - NJStar Communicator Plugin for Chrome) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlklhlmekdhcfmndodpbjmgpepoeiiaf [2012-05-18] [UpdateUrl: hxxp://www.njstar.com/chromate/updates.xml.php] <==== ACHTUNG CHR Extension: (Norton Identity Protection) - C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-05-18] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-18] CHR HKLM\...\Chrome\Extension: [jlklhlmekdhcfmndodpbjmgpepoeiiaf] - C:\Program Files\NJStar Communicator\PLUGIN\NJChromate-3.0.2.crx [2011-05-26] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2009-04-17] (DigitalPersona, Inc.) [Datei ist nicht signiert] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1982752 2016-04-13] (ESET) S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2010-12-11] (Macrovision Europe Ltd.) [Datei ist nicht signiert] S3 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-06-30] (Hewlett-Packard Company) [Datei ist nicht signiert] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert] R3 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert] R3 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe [221266 2009-07-21] (IDT, Inc.) S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.) S3 VSStandardCollectorService140; C:\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [45800 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [567064 2014-08-19] (Wacom Technology, Corp.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92528 2013-10-10] (Cisco Systems, Inc.) R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34704 2007-05-11] (IVT Corporation.) R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27792 2007-03-05] (IVT Corporation.) R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [16272 2007-05-23] (IVT Corporation.) S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [36496 2007-05-23] (IVT Corporation.) R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.) R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206312 2016-05-12] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146024 2016-05-12] (ESET) R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [111040 2016-05-12] (ESET) R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [152728 2016-05-12] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44608 2016-05-12] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [71488 2016-05-12] (ESET) S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [12088 2014-08-06] (Windows (R) Win 7 DDK provider) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-06-20] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia) R0 PxHelp20; C:\Windows\System32\drivers\PxHelp20.sys [46096 2013-09-03] (Corel Corporation) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [639224 2012-05-24] (Duplex Secure Ltd.) R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-03-02] (Samsung Electronics) [Datei ist nicht signiert] S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.) R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.) S3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-09-23] (Microsoft Corporation) [Datei ist nicht signiert] S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Corporation) [Datei ist nicht signiert] S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43376 2013-10-10] (Cisco Systems, Inc.) S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [85304 2014-08-06] (Wacom Technology) S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13112 2014-08-06] (Wacom Technology) S3 clwvd; system32\DRIVERS\clwvd.sys [X] S3 cpuz134; \??\C:\Users\XXXXX\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] S3 eapihdrv; \??\C:\Users\XXXXX\AppData\Local\Temp\ehdrv.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSBXP.SYS [49408 2012-12-05] (Seiko Epson Corporation) S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X] S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-20 13:21 - 2016-06-20 13:21 - 00002731 _____ C:\Users\Public\Desktop\Secure Banking.lnk 2016-06-20 13:06 - 2016-06-20 13:13 - 00072772 _____ C:\Users\XXXXX\Desktop\Addition.txt 2016-06-20 13:03 - 2016-06-20 13:20 - 00033205 _____ C:\Users\XXXXX\Desktop\FRST.txt 2016-06-20 13:02 - 2016-06-20 13:20 - 00000000 ____D C:\FRST 2016-06-20 13:01 - 2016-06-20 13:02 - 01738240 _____ (Farbar) C:\Users\XXXXX\Desktop\FRST.exe 2016-06-17 13:30 - 2016-06-17 13:31 - 01646989 _____ C:\Users\XXXXX\Desktop\c130_splatter.abr 2016-06-17 11:19 - 2016-06-17 11:19 - 00000000 ____D C:\Users\XXXXX\AppData\Local\Machinecode_Technologies 2016-06-17 11:19 - 2016-06-17 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure Banking 2016-06-17 11:19 - 2016-06-17 11:19 - 00000000 ____D C:\Program Files\Machinecode Technologies 2016-06-17 11:07 - 2016-06-17 11:07 - 00008448 _____ C:\Users\XXXXX\Desktop\SecureBanking_LOG.txt 2016-06-16 23:19 - 2016-06-16 23:19 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\chc 2016-06-16 22:47 - 2016-06-16 22:47 - 12709162 _____ C:\Users\XXXXX\Desktop\Clouds Photoshop .mp4 2016-06-16 21:57 - 2016-06-17 14:59 - 62387649 _____ C:\Users\XXXXX\Desktop\Zeichnung006.psd 2016-06-15 12:55 - 2016-06-15 12:56 - 00000000 ____D C:\Users\XXXXX\Desktop\Anforderungen Recruiting 2016-06-15 12:50 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-06-15 12:50 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-06-15 12:50 - 2016-05-13 23:49 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-06-15 12:50 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-06-15 12:50 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2016-06-15 12:50 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2016-06-15 12:50 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll 2016-06-15 12:50 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe 2016-06-15 12:50 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2016-06-15 12:49 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-06-15 12:49 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-06-15 12:49 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-06-15 12:49 - 2016-05-21 00:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-06-15 12:49 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-06-15 12:49 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-06-15 12:49 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-06-15 12:49 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-06-15 12:49 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-06-15 12:49 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-06-15 12:49 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-06-15 12:49 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-06-15 12:49 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-06-15 12:49 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-06-15 12:49 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-06-15 12:49 - 2016-05-20 23:44 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-06-15 12:49 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-06-15 12:49 - 2016-05-20 23:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-06-15 12:49 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-06-15 12:49 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-06-15 12:49 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-06-15 12:49 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-06-15 12:49 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-06-15 12:49 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-06-15 12:49 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-06-15 12:49 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-06-15 12:49 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-06-15 12:49 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-06-15 12:49 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-06-15 12:49 - 2016-05-20 23:09 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-06-15 12:49 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-06-15 12:49 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-06-15 12:49 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-06-15 12:49 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-06-15 12:49 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-06-15 12:49 - 2016-05-18 18:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-06-15 12:49 - 2016-05-12 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-06-15 12:49 - 2016-05-12 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-06-15 12:49 - 2016-05-12 17:18 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-06-15 12:49 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-06-15 12:49 - 2016-05-12 16:54 - 02397696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-06-15 12:49 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-06-15 12:49 - 2016-05-12 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-06-15 12:49 - 2016-05-12 16:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-06-15 12:49 - 2016-05-12 15:04 - 00370784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-06-15 12:49 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-06-15 12:49 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2016-06-15 12:49 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2016-06-15 12:49 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2016-06-15 12:49 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2016-06-15 12:49 - 2016-05-11 16:52 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2016-06-15 00:51 - 2016-06-15 00:51 - 00071101 _____ C:\Users\XXXXX\Desktop\HIT-Anleitungen.pdf 2016-06-14 21:14 - 2016-06-14 21:14 - 08152021 _____ C:\Users\XXXXX\Desktop\Burgerking_1107.pdf 2016-06-10 12:36 - 2016-06-10 12:36 - 02025693 _____ C:\Users\XXXXX\Desktop\SRC.pdf 2016-06-10 11:07 - 2016-06-15 11:38 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-06-04 01:58 - 2016-06-04 01:58 - 00000000 ____D C:\Program Files\Common Files\Java 2016-06-04 00:18 - 2016-06-04 00:18 - 00000000 ____D C:\Users\XXXXX\AppData\Local\ESET 2016-06-04 00:15 - 2016-06-04 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2016-06-04 00:15 - 2016-06-04 00:15 - 00000000 ____D C:\ProgramData\ESET 2016-06-04 00:14 - 2016-06-04 00:14 - 00000000 ____D C:\Program Files\ESET 2016-06-02 20:45 - 2016-06-04 02:51 - 00259755 _____ C:\Users\XXXXX\Desktop\Handout_Suchtmedizinische_Behandlungskonzepte.pdf 2016-06-02 18:59 - 2016-06-04 00:09 - 00000046 _____ C:\Users\XXXXX\Desktop\Fortbildung.txt ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-20 13:20 - 2012-04-09 01:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-06-20 13:09 - 2016-04-16 18:35 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForXXXXX.job 2016-06-20 13:08 - 2010-12-11 13:36 - 00000000 ____D C:\Users\XXXXX\AppData\Local\Adobe 2016-06-20 13:04 - 2009-07-14 06:34 - 00013472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-06-20 13:04 - 2009-07-14 06:34 - 00013472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-06-20 13:00 - 2012-08-13 12:17 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-20 12:50 - 2014-06-19 23:24 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-06-20 12:48 - 2012-08-13 12:17 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-17 15:35 - 2012-04-09 01:26 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-06-17 15:35 - 2011-08-08 23:34 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-06-17 11:16 - 2012-09-13 20:19 - 00000000 ____D C:\Users\XXXXX\AppData\Local\Downloaded Installations 2016-06-17 11:07 - 2011-09-10 01:23 - 00155480 _____ C:\ProgramData\nvModes.001 2016-06-17 11:04 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-16 23:09 - 2011-02-01 21:55 - 00000000 ____D C:\Users\XXXXX\AppData\Local\CrashDumps 2016-06-16 22:47 - 2016-04-14 22:03 - 00000000 ____D C:\Users\XXXXX\Desktop\Photoshop 2016-06-16 19:59 - 2010-12-11 12:36 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-16 19:59 - 2009-07-14 10:47 - 00703192 _____ C:\Windows\system32\perfh007.dat 2016-06-16 19:59 - 2009-07-14 10:47 - 00150800 _____ C:\Windows\system32\perfc007.dat 2016-06-16 19:59 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf 2016-06-16 16:23 - 2010-12-11 12:32 - 00000000 ____D C:\Users\XXXXX 2016-06-16 12:43 - 2013-05-21 13:10 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\TeamDrive3 2016-06-16 12:32 - 2009-07-14 06:33 - 03789000 _____ C:\Windows\system32\FNTCACHE.DAT 2016-06-15 20:17 - 2016-05-10 20:08 - 00000000 ____D C:\Windows\system32\MRT 2016-06-15 20:05 - 2010-12-11 15:36 - 139785240 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-06-15 11:38 - 2012-05-03 20:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-06-14 16:34 - 2012-05-28 17:36 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\vlc 2016-06-13 19:31 - 2010-12-11 12:50 - 00400040 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-06-08 14:34 - 2010-12-12 19:38 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\Skype 2016-06-08 01:58 - 2013-06-06 20:44 - 00000000 ____D C:\Users\XXXXX\Desktop\IPod 2016-06-07 14:21 - 2014-06-19 23:23 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2016-06-07 14:21 - 2010-12-11 14:20 - 00000000 ____D C:\ProgramData\Norton 2016-06-04 13:59 - 2014-06-19 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-06-04 02:24 - 2014-06-24 15:56 - 00000000 ____D C:\ProgramData\Oracle 2016-06-04 02:00 - 2010-12-11 15:58 - 00000000 ____D C:\Program Files\Java 2016-06-04 01:59 - 2015-08-03 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-06-04 01:53 - 2015-08-03 14:20 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2016-06-04 00:39 - 2010-12-11 12:32 - 00000000 ____D C:\Users\XXXXX\AppData\Local\VirtualStore 2016-05-29 12:54 - 2015-10-25 21:32 - 00000000 ____D C:\Users\XXXXX\.oracle_jre_usage 2016-05-28 20:00 - 2015-11-05 16:39 - 00000000 ___SD C:\Windows\system32\GWX 2016-05-28 17:15 - 2015-03-30 19:56 - 00000000 ____D C:\Users\XXXXX\AppData\Roaming\dvdcss 2016-05-24 23:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-07-08 00:24 - 2014-01-27 15:16 - 0000132 _____ () C:\Users\XXXXX\AppData\Roaming\Adobe GIF Format CS5 Prefs 2011-02-01 23:30 - 2014-01-27 15:21 - 0000132 _____ () C:\Users\XXXXX\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-05-15 19:31 - 2015-05-15 19:31 - 0000000 _____ () C:\Users\XXXXX\AppData\Roaming\gdfw.log 2015-05-15 19:30 - 2015-11-21 00:40 - 0001558 _____ () C:\Users\XXXXX\AppData\Roaming\gdscan.log 2012-08-27 23:42 - 2012-08-28 03:14 - 0000116 _____ () C:\Users\XXXXX\AppData\Roaming\history.PDF.pwcdat 2012-04-16 01:03 - 2012-04-16 01:03 - 0000066 _____ () C:\Users\XXXXX\AppData\Local\MODup-Log.txt 2011-01-04 23:53 - 2011-01-06 17:29 - 0001474 _____ () C:\Users\XXXXX\AppData\Local\RecConfig.xml 2012-06-18 14:17 - 2012-06-18 14:17 - 0007605 _____ () C:\Users\XXXXX\AppData\Local\Resmon.ResmonCfg 2011-04-20 09:13 - 2011-04-20 09:13 - 2522934 _____ () C:\Users\XXXXX\AppData\Local\[j0003]-[p09].bmp 2010-12-12 19:39 - 2010-12-12 19:39 - 0000048 ____H () C:\ProgramData\ezsidmv.dat 2010-12-11 14:07 - 2012-12-07 02:17 - 0005057 _____ () C:\ProgramData\hpzinstall.log 2011-09-10 01:23 - 2016-06-17 11:07 - 0155480 _____ () C:\ProgramData\nvModes.001 2011-09-09 23:03 - 2012-06-15 20:14 - 0155480 _____ () C:\ProgramData\nvModes.dat Einige Dateien in TEMP: ==================== C:\Users\XXXXX\AppData\Local\Temp\jre-8u91-windows-au.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert |
|
20.06.2016, 12:49
| #2 |
| |  Warnmeldung von Secure Banking Addition
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 19-06-2016 01
durchgeführt von XXXXX (2016-06-20 13:22:34)
Gestartet von C:\Users\XXXXX\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2010-12-11 10:32:28)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-117767610-4170920979-3955755671-500 - Administrator - Disabled)
Gast (S-1-5-21-117767610-4170920979-3955755671-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-117767610-4170920979-3955755671-1005 - Limited - Enabled)
XXXXX (S-1-5-21-117767610-4170920979-3955755671-1000 - Administrator - Enabled) => C:\Users\XXXXX
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
8500A909_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909a (Version: 50.0.165.000 - Hewlett-Packard) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version: - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Amazon Kindle (HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Amazon Kindle) (Version: 1.13.0.42039 - Amazon)
Amazon Kindle (HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version: 1.13.0.42039 - Amazon)
Amazon Send to Kindle (HKLM\...\SendToKindle) (Version: 1.0.1.237 - Amazon)
AMP WinOFF 5.0.1 (HKLM\...\AMP WinOFF) (Version: 5.0.1 - Alberto Martinez Perez)
Apple Application Support (32-Bit) (HKLM\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (Version: 3.3 - Microsoft Corporation) Hidden
AVG PC TuneUp 2015 (de-DE) (Version: 15.0.1001.638 - AVG Technologies) Hidden
Azure AD Authentication Connected Service (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bamboo Dock (HKLM\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.)
Bamboo Dock (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (Version: 3.0.20 - Wacom) Hidden
Benutzerhandbuch EPSON BX535WD Series (HKLM\...\EPSON BX535WD Series Useg) (Version: - )
Blend for Visual Studio SDK for .NET 4.5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bluesoleil2.6.0.9 Release 070606 (HKLM\...\{846AC73B-9394-48B9-B941-8F7F472F0047}) (Version: 2.6.0.9 Release 070606 - IVT Corporation)
BoneLab (HKLM\...\{D16CBD59-07B3-4F98-A404-01B6D87A90F2}) (Version: 1.4.0.5 - Next Dimension Imaging)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BPD_DSWizards (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.18.12 - Broadcom Corporation)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C3100 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
c3100_Help (Version: 82.0.256.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{F194B9D2-5BB0-4A36-912A-861DE0652181}) (Version: 1.23.0 - Kovid Goyal)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Citavi (HKLM\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.4.0.2 - Swiss Academic Software)
Citrix Online Plug-in - Web (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 11.2.0.31560 - Citrix Systems, Inc.)
Citrix Presentation Server Client - Nur Web (HKLM\...\{E9459BCF-0982-498B-ABA7-26C34323493F}) (Version: 10.200.2650 - Citrix Systems, Inc.)
Consideo Modeler - Consideo GmbH (HKLM\...\ConsideoModeler) (Version: - )
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (Version: 14.0.23107 - Microsoft Corporation) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DigitalPersona Personal 4.01 (HKLM\...\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}) (Version: 4.01.3749 - DigitalPersona, Inc.)
DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Download Navigator (HKLM\...\{2E214231-5FAD-410A-AF5D-99AAB8558434}) (Version: 2.1.0 - SEIKO EPSON CORPORATION)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version: - SEIKO EPSON Corporation)
Epson Event Manager (HKLM\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Erforderliche Komponenten für SSDT (HKLM\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
ESET Smart Security (HKLM\...\{6A4C81A3-2ECD-47A5-84F0-E77475B7BCED}) (Version: 9.0.381.1 - ESET, spol. s r.o.)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Video Flip and Rotate version 2.1.1.719 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.1.719 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.9.35.324 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Advisor (HKLM\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.9652.3188 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.4.18.7 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.0.3 - Hewlett-Packard) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
IIS 10.0 Express (HKLM\...\{C28C9704-5633-4765-92C0-E7CC50B14FAC}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
iStonsoft iPad iPod iPhone Data Recovery (HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\iStonsoft iPad iPod iPhone Data Recovery) (Version: 2.1.31 - iStonsoft)
iStonsoft iPad iPod iPhone Data Recovery (HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\iStonsoft iPad iPod iPhone Data Recovery) (Version: 2.1.31 - iStonsoft)
iTunes (HKLM\...\{3079C5C8-325A-4354-A733-456BACA1E5FB}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.18.07 - JMicron Technology Corp.)
Joe (HKLM\...\{0AD3DEBC-5321-457E-8B43-8F546940169B}) (Version: 4.00.0050 - Wirth IT Design)
LandOnline Client Components (HKLM\...\LandOnline Client Components) (Version: 1.0 - Land Information NZ)
Livebrush Mini (HKLM\...\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1) (Version: 1.5 - MoreMeYou)
Livebrush Mini (Version: 1.5 - MoreMeYou) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MediaMonkey 4.1 (HKLM\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x86) 1.0.0-beta5 (HKLM\...\{2a375a89-9d97-35b7-917d-92f1ea73080d}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}) (Version: 7.10.344.0 - Microsoft)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{E41DF93D-DC9B-4B22-A968-07077C574E43}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{2A3CC014-FA33-4027-AECD-9A4845223209}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 DEU (HKLM\...\{7CC4FADE-70AC-4560-9418-639D71A4767C}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{E26E9AFA-9510-409C-AFE8-73A0EB3BE325}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{B6019E33-AC77-4B09-8D67-48B5A2502B2B}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (Version: 14.0.23107 - Microsoft Corporation) Hidden
MoodTuner (HKLM\...\com.gugga.radiomini) (Version: 1.1 - GUGA EOOD)
MoodTuner (Version: 1.1 - GUGA EOOD) Hidden
Mozilla Firefox 47.0 (x86 de) (HKLM\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MPM (HKLM\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Netzwerkhandbuch EPSON BX535WD Series (HKLM\...\EPSON BX535WD Series Netg) (Version: - )
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
NJStar Communicator (HKLM\...\NJStar Communicator) (Version: 3.00 - NJStar Software Corp.)
Nokia Connectivity Cable Driver (HKLM\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.64 - Nokia)
Nokia PC Suite (Version: 7.1.180.64 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Oracle VM VirtualBox 4.1.12 (HKLM\...\{BD2DF5E1-0B64-40EB-93CC-77F984ADB408}) (Version: 4.1.12 - Oracle Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PC Connectivity Solution (HKLM\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PreEmptive Analytics Client German Language Pack (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roslyn Language Services - x86 (Version: 14.0.23107 - Microsoft Corporation) Hidden
Samsung ML-1510_700 Series (HKLM\...\Samsung ML-1510_700 Series) (Version: - )
Samsung_MonSetup (HKLM\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Secure Banking (HKLM\...\{2088356A-A860-4619-B6DC-F6785AEBBBF7}) (Version: 2.0.1 - Machinecode Technologies)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.2 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Smart Switch (HKLM\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15113.12 - Samsung Electronics Co., Ltd.)
Smart Switch (Version: 4.0.15113.12 - Samsung Electronics Co., Ltd.) Hidden
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
SyncToy 2.1 (x86) (HKLM\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
Team Explorer for Microsoft Visual Studio 2015 (Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamDrive 3 (HKLM\...\TeamDrive 3) (Version: 3.1.0.316 - TeamDrive Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (Version: 14.0.23107 - Microsoft Corporation) Hidden
TeX Live 2011 (HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\TeXLive2011) (Version: 2011 - )
TeX Live 2011 (HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeXLive2011) (Version: 2011 - )
Texmaker (HKLM\...\Texmaker) (Version: - )
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
UniPrint Client 4.0 (HKLM\...\{50A7D603-B3DD-48C1-A518-486B2EDFFA3F}) (Version: 4.0.6 - UniPrint, a division of GFI Business Solutions Inc.)
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
v2010.build.42 (HKLM\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2010.build.42 - eRightSoft)
Validity Sensors software (HKLM\...\{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}) (Version: 2.8.116 - Validity Sensors, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WCF Data Services 5.6.4 DEU Language Pack (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 31.0.2014.0 - BillP Studios)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype Extras\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{1EFF7739-9BDA-4295-BC07-383554CAAC84}\InprocServer32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\CCMProxy.dll (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype Extras\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}\localserver32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype Extras\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{1EFF7739-9BDA-4295-BC07-383554CAAC84}\InprocServer32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\CCMProxy.dll (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype Extras\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}\localserver32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01A58B17-9994-4F84-9B8A-788B88D86081} - System32\Tasks\{C2FA0599-B043-4F27-9276-365D7402AD4B} => pcalua.exe -a "C:\Program Files\RelevantKnowledge\rlvknlg.exe" -c -bootremove -uninst:RelevantKnowledge
Task: {04DA8095-7A2E-4947-93B6-AA3DC01EA294} - System32\Tasks\{4F687082-90D4-4BF6-B8B1-6A47C975F70A} => pcalua.exe -a C:\Users\XXXXX\Desktop\HP\sp45499.exe -d C:\Users\XXXXX\Desktop\HP
Task: {0A27E96C-F7CA-4B6F-A081-4E0D6C934EB1} - System32\Tasks\{A9AF9DF9-8AB4-4780-B05C-845F3A4F7F80} => pcalua.exe -a C:\Users\XXXXX\Desktop\HP\sp41701.exe -d C:\Users\XXXXX\Desktop\HP
Task: {226A226F-D32F-434A-9550-9B71C95A49EB} - System32\Tasks\{57A1538B-9FC1-4013-8D09-3401422AB79D} => pcalua.exe -a C:\Users\XXXXX\Desktop\AntiTwin_Setup.exe -d C:\Users\XXXXX\Desktop
Task: {23F96337-0509-4DEB-B16A-4A882262C1CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {2931D861-9B82-4689-9257-D47728EFDAA4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-117767610-4170920979-3955755671-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {2BBECF94-610A-47AF-ADC8-A4B95626871A} - System32\Tasks\{63B728FC-7546-4B7D-99D9-65A0874A65DC} => pcalua.exe -a "C:\Users\XXXXX\Desktop\Neuer Ordner\Epson Zeug\epson374735eu.exe" -d "C:\Users\XXXXX\Desktop\Neuer Ordner\Epson Zeug"
Task: {2E880432-BE78-4708-B404-BDED3EF170F8} - System32\Tasks\{C230C231-6276-4147-BB27-0E09D78DDDC5} => pcalua.exe -a C:\Users\XXXXX\Desktop\everest\Dictionary.exe -d C:\Users\XXXXX\Desktop\everest
Task: {3386ED1D-AF3D-438C-9E4C-4159259DE9A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3560B0FF-E40C-490E-A409-C49FFBF7ECE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {3B9DAFC3-0E82-4BC0-B323-A589D770D1D0} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {675847AF-5FF4-48A6-84B0-31D5270C0A65} - System32\Tasks\HPCeeScheduleForXXXXX => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07] (Hewlett-Packard)
Task: {6B73D93F-23E5-4133-B0E4-DDA7F719FB25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {6EB6D0E5-3238-40AC-82DC-A1166B2ABB25} - System32\Tasks\{D430D610-1028-4E95-B527-F019589A4F36} => pcalua.exe -a C:\Users\XXXXX\Desktop\winstger.exe -d C:\Users\XXXXX\Desktop
Task: {8B6D6D5C-D37F-4EEF-B072-5A334685E228} - System32\Tasks\{A7737EA2-A290-4226-97EE-BFCEFB607B2C} => C:\Program Files\Skype\\Phone\Skype.exe [2015-02-26] (Skype Technologies S.A.)
Task: {A41121D8-EE32-4C72-A672-CFCD3A1AF3CD} - System32\Tasks\{AD4F7045-77B1-4375-B5EE-19858BBE0FB2} => C:\Users\XXXXX\Desktop\AVCleaner.exe
Task: {A4B0351E-4D6C-4EF6-8EDD-105862596A31} - System32\Tasks\ReclaimerResumeInstallLogin_XXXXX => C:\Users\XXXXX\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.03\agent\rnupgagent.exe [2016-06-20] (RealNetworks, Inc.)
Task: {A704B174-1401-4825-A4E8-28AF9C1ED2F2} - System32\Tasks\ReclaimerResumeInstall_XXXXX => C:\Users\XXXXX\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.03\agent\rnupgagent.exe [2016-06-20] (RealNetworks, Inc.)
Task: {B1BE2BD2-7F4D-46CA-A0D3-553445F41189} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {B9952096-A45D-4B31-938A-F15AD6450873} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-117767610-4170920979-3955755671-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {B9C67796-59A2-4B49-B0D6-0A02B5EBC49A} - System32\Tasks\{40F9B922-24D2-4F8C-8B85-8C58F0BED0AA} => pcalua.exe -a C:\Users\XXXXX\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1
Task: {BA2B69C7-7ADF-4E27-ADA8-E932C7E3FB4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {D0BDD82D-18D1-4C22-AA38-068E004B7BE8} - System32\Tasks\{2EFB6DAE-93C8-49A4-8484-23E78456EBD6} => pcalua.exe -a C:\Users\XXXXX\Desktop\epson373094eu.exe -d C:\Users\XXXXX\Desktop
Task: {D18E9D75-7CA2-45C1-ACD8-B7F597892B83} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe
Task: {D5943F47-F722-48D5-B29A-54508B0B371D} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe
Task: {D9D185E5-4D90-4182-8E28-3D62F94E1F59} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-11-05] (Microsoft Corporation)
Task: {F479E73F-745E-4E90-AAE4-35A6B767AFF3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2010-06-09] (Hewlett-Packard Company)
Task: {FF2844FF-EA07-4FF2-8E24-CD8330D2248E} - System32\Tasks\AdobeAAMUpdater-1.0-LAPTOP-XXXXX => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForXXXXX.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeX Live 2011\TeX Live command-line.lnk -> C:\texlive\2011\tlpkg\installer\tl-cmd.bat ()
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01040656 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-10-31 00:06 - 2014-08-19 21:12 - 01019672 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-07-16 19:23 - 2016-06-20 12:58 - 00295424 _____ () C:\Program Files\Machinecode Technologies\Secure Banking\sbservice.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [119]
AlternateDataStreams: C:\ProgramData\Temp:B1FBBD09 [103]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7789 mehr Seiten.
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\1-se.com -> 1-se.com
Da befinden sich 12567 mehr Seiten.
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com
Da befinden sich 12567 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2012-04-26 11:39 - 2014-11-05 21:36 - 00444869 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123moviedownload.com
Da befinden sich 15296 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-117767610-4170920979-3955755671-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-117767610-4170920979-3955755671-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-117767610-4170920979-3955755671-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TabletServicePen => 2
MSCONFIG\Services: TouchServicePen => 2
MSCONFIG\startupfolder: C:^Users^XXXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Avira Systray => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: BambooCore => C:\Program Files\Bamboo Dock\BambooCore.exe
MSCONFIG\startupreg: Bitdefender Wallet Agent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: ConnectionCenter => "C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: ICQ => "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: InstallerLauncher => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: itype => "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UniPrint => C:\Users\XXXXX\AppData\Local\UniPrint\Client\SetDfltSettings.exe
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7687B8D4-4F27-44C2-96FD-787DCA5DDF33}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS09C3\OJP8500vA909_Full_13\setup\hpznui01.exe
FirewallRules: [{CC60033E-5658-4592-99A9-A8871D0854B9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1596E2A8-3D68-42E0-B4E6-2005B4EC0C8B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8C638BEB-C9C0-4E3E-ADFE-39C998C94DD6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{81B4F23D-BE53-425B-A8BB-C9F21935B58C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{C65604ED-F42D-4B52-BD60-9B5ECEC0498E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{49328C47-4AE7-40F5-8B3A-AA2427447EAF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{B62E9FD6-15F9-48B9-889C-B294CBD14D1D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{54849768-D56E-4E37-B03F-1ECFD95621CE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{6C7CAB87-9CFD-4B59-B12C-793C38AE9496}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{57DCF4F2-ED6C-4604-9A2E-5AE12A19FAB3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{FADD049E-E41F-4051-8740-8FC9023D17EF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{79EEE5F9-74DC-4FCA-8005-0BA87F629469}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{190DEB89-3A7E-49B4-A20E-8B42226CC5C3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FA37E5A2-FA59-4524-85CA-4E9E439C596A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{5C099229-2D4D-4CF5-9953-C14E3304D93E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{351C7116-E67D-4629-81CA-3EB6084FA3F7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{DF503E8A-4F99-4164-A4A3-B5416A9ADE28}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{1F94FB41-A54A-4288-847A-2BEA089B23B2}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{B319CB0D-7FA7-4F5C-A0E7-65DDC73AB5B1}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C9369778-02AC-4837-9F73-E034D6D0DC3F}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{5BE379A8-6A35-4001-A479-5ADCE26E5F71}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{C26B8641-0593-47B7-891A-AD31B11BE891}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{ED5A1EA2-F807-4BFA-BC12-3DD7D1F1E1B2}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{8D22A957-48E8-445C-8644-38386A05FE5F}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
FirewallRules: [{E5030BC1-9431-45D6-B265-8D39C67E8649}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
FirewallRules: [{0E6F45D7-F158-45BB-AB7E-856AA203BC93}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0A3C30DB-2E3D-4BDD-9BD1-9C3F8D7D1925}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{369F905D-1BC7-4A29-AF0F-82B16AB5E82B}] => (Allow) C:\Program Files\Giraffic\Giraffic.exe
FirewallRules: [{11CFCF96-12B5-4A18-93A9-0E8409109E47}] => (Allow) C:\Program Files\Giraffic\Giraffic.exe
FirewallRules: [{3BA39896-AC71-4EFD-B735-A8044F079829}] => (Allow) C:\Program Files\Giraffic\GirafficWatchdog.exe
FirewallRules: [{FA2FEF22-2CE1-4613-BBEE-AF679B50BAF4}] => (Allow) C:\Program Files\Giraffic\GirafficWatchdog.exe
FirewallRules: [{F79C1E88-09DE-4F23-BF34-14D4B0B68278}] => (Allow) LPort=8396
FirewallRules: [{58686ACE-CD8F-4F9F-AEFF-689B255848A1}] => (Allow) LPort=8396
FirewallRules: [{3A546FA2-DF41-4274-BF5C-B90433D4D0FE}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{04379F1D-9D19-48CD-B7CC-E7D3EEF65EAF}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{5480D9D1-9930-4C95-B23F-0B169A098414}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{7A81DBDA-4330-4407-9B94-0E458B7D1659}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{36EF71C8-B6EB-4B58-A969-78CD4DC2005A}] => (Allow) C:\Program Files\YourFileDownloader\Downloader.exe
FirewallRules: [{E2995586-6223-4A80-9B5D-24D843F63BC3}] => (Allow) C:\Program Files\YourFileDownloader\Downloader.exe
FirewallRules: [{6135EBDE-7B4B-4F46-874F-38F2C9EEF31E}] => (Allow) C:\Program Files\YourFileDownloader\YourFile.exe
FirewallRules: [{4415AC8A-5DC1-4937-9544-3EAB19E41DDB}] => (Allow) C:\Program Files\YourFileDownloader\YourFile.exe
FirewallRules: [{B8C277F7-9F59-4DC2-8A80-A1B0495AFC43}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{EEC0539C-61EE-4ABA-9AD0-7482EBC04AB9}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{BB64BFF4-86E2-471D-B4AD-2175478F96B5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{4E7588C3-568B-4550-BF86-62EF2CDD188C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{9BFC29B0-9DBD-41AB-AE40-C93989407C23}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{E932B3E1-B233-4FD7-9724-15740882E966}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{0D956608-4213-4D4B-BCC8-4B539A636BE1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{C521F51F-7066-4593-8760-97F2DF1EAE9D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{9F3A9515-0A05-47BA-A57C-F23BC39AC7A2}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{3259A311-A980-477F-8674-8336B7FBC70D}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{0B806B0A-3143-4093-A343-77A7C2FCD911}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{629FC361-D54B-43CB-B01D-7FBC824D46F3}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [{F26876D0-2ABA-4D93-A76A-F97B36D0A253}] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [{71524894-1A65-4230-B0D4-A9715472CFBB}] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [{23789C66-2240-44B5-91E8-662517B5994A}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\EPSON BX535WD Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe
FirewallRules: [{1C985F8A-442A-4923-8EF1-5E1B1089883B}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\EPSON BX535WD Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe
FirewallRules: [{EB37AD80-D09F-4E4B-900A-555BE8F95E68}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{17426D12-1A6C-447D-9B6E-14CB0722AF90}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{958054E0-8A72-4765-A120-3517252DC5E8}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{430E02E5-CB9E-4BA1-8E9A-3B5689717E3A}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{C00BBCBB-3D50-410D-9EB5-9A8CC61B2492}] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{482D02B2-3C46-47A8-B586-C858ECC64D74}] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{B171771D-3EF1-44E8-A918-AE3B8D5A7102}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS5E47.tmp\SymNRT.exe
FirewallRules: [{49E6FD85-7683-4CF4-B93C-9DA47CA1E931}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS5E47.tmp\SymNRT.exe
FirewallRules: [{8AADDC33-5A18-4D08-A180-C14D37AC0E1B}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSE5BE.tmp\SymNRT.exe
FirewallRules: [{4B1EA3D8-6CBA-41B8-B4B6-E0FBE4D972F4}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSE5BE.tmp\SymNRT.exe
FirewallRules: [{AAB4E023-0812-43C0-87B9-8187DB5FD5A4}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSFAD4.tmp\SymNRT.exe
FirewallRules: [{342ECC98-A477-4F14-A33E-3771DEEC0064}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSFAD4.tmp\SymNRT.exe
FirewallRules: [{F2E6F5A0-54CA-4166-BAC9-08996322B5CB}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS29FF.tmp\SymNRT.exe
FirewallRules: [{ABA212B4-211C-43AE-96BD-3F1D77F44E15}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS29FF.tmp\SymNRT.exe
FirewallRules: [{3284F239-1606-4B4F-A8AD-93D69A10F0A2}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS82F4.tmp\SymNRT.exe
FirewallRules: [{CDA290AA-C9B1-40ED-AA41-818F27080EF1}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS82F4.tmp\SymNRT.exe
FirewallRules: [{DFF80C46-1CEB-40E5-9F63-927372B305CF}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS6EB9.tmp\SymNRT.exe
FirewallRules: [{DA79901C-D93E-4C7D-96C6-579E4E7D7722}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS6EB9.tmp\SymNRT.exe
FirewallRules: [{C962B677-10AE-4318-934B-77D705034287}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSD7E7.tmp\SymNRT.exe
FirewallRules: [{0F7A30FA-2F19-47BF-81A7-73798660B4DE}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSD7E7.tmp\SymNRT.exe
FirewallRules: [{684F05B3-A72E-490C-99FD-D5788E6DC0D8}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS3E77.tmp\SymNRT.exe
FirewallRules: [{F301632A-276C-4A61-ABAE-8FCF722FFA4F}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS3E77.tmp\SymNRT.exe
FirewallRules: [{DB5D54DC-D26D-4993-9BE7-90001CF2561A}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS3015.tmp\SymNRT.exe
FirewallRules: [{C7747FFD-9E80-4A21-BA55-9E0D075C3045}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS3015.tmp\SymNRT.exe
FirewallRules: [{A21F286A-1390-4E8C-898E-DE309FF6AF7C}] => (Allow) C:\Users\Dropbox2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{ED03C92C-FEA5-4D0D-BB20-8090D36351B3}] => (Allow) C:\Users\Dropbox2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1895254A-C0AB-4935-9CF8-F98202A3C767}] => (Allow) C:\Users\Dropbox2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3E94D44C-A916-4F4C-B052-2338A49B97D6}] => (Allow) C:\Users\Dropbox2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EAAFCBFC-AADD-4146-98D7-74894617901A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F3AC9F29-8B8E-437C-99D6-17107153CAEC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{733130EC-F717-4DF3-B6F3-3D88FFCB9A6E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0BB8833F-AD47-4C71-9305-AEC290DEA2B8}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E4B721F3-EB3C-4986-97E6-E3115ADBD6BF}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{A43C9499-F441-4F8E-B5AA-49C57F649E1D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0AB29B74-728D-4C30-80B7-6852A1038143}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1538BA87-25E3-48F5-9126-22388858B25F}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{4E797EC4-2A65-461C-9AC2-FA7AADBF05AE}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{0A0D02C9-AAA2-4C1F-8791-658767ACD62A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{482589C6-BD58-4D66-A943-095B4C06FAC6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7E85BAB8-6061-4755-8D42-C4D4D14DD93C}] => (Allow) C:\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{0CBABBA9-5CB7-48ED-9E14-CEA2824507A0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Wiederherstellungspunkte =========================
28-05-2016 20:00:12 Windows Update
04-06-2016 00:40:13 Windows Update
07-06-2016 14:31:34 Windows Update
14-06-2016 16:18:32 Windows Update
15-06-2016 01:18:52 Windows Update
15-06-2016 20:00:56 Windows Update
17-06-2016 11:17:06 Installed Secure Banking.
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Officejet Pro 8500 A909a
Description: Officejet Pro 8500 A909a
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Officejet Pro 8500 A909a
Description: Officejet Pro 8500 A909a
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/17/2016 04:59:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13509
Error: (06/17/2016 04:59:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13509
Error: (06/17/2016 04:59:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/17/2016 04:59:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12511
Error: (06/17/2016 04:59:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12511
Error: (06/17/2016 04:59:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/17/2016 04:59:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11497
Error: (06/17/2016 04:59:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11497
Error: (06/17/2016 04:59:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/17/2016 04:59:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10483
Systemfehler:
=============
Error: (06/20/2016 12:49:23 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (06/20/2016 12:49:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (06/20/2016 12:49:21 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (06/20/2016 12:49:21 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (06/20/2016 12:48:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht.
Error: (06/20/2016 12:47:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht.
Error: (06/17/2016 03:34:53 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{34A61A64-7F90-4FE5-82C8-6FF9580B7146} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (06/17/2016 11:17:54 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/17/2016 11:17:53 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/17/2016 11:17:53 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
CodeIntegrity:
===================================
Date: 2015-09-27 23:18:25.844
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.090
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.086
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.082
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.070
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.066
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.062
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.029
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.026
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.022
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Prozentuale Nutzung des RAM: 70%
Installierter physikalischer RAM: 3039.21 MB
Verfügbarer physikalischer RAM: 909.71 MB
Summe virtueller Speicher: 6076.74 MB
Verfügbarer virtueller Speicher: 3233.2 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:289.02 GB) (Free:155.16 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:8.96 GB) (Free:1.61 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (READYBOOST) (Removable) (Total:7.3 GB) (Free:3.31 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 97A197A1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=289 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.3 GB) (Disk ID: E6BA8DA8)
Partition 1: (Active) - (Size=7.3 GB) - (Type=0B)
==================== Ende vom Addition.txt ============================
Danke fürs Durchlesen! |
|
21.06.2016, 10:05
| #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Warnmeldung von Secure Banking Malwarebytes Anti-Rootkit (MBAR)
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
22.06.2016, 18:42
| #4 |
| | Warnmeldung von Secure Banking Danke! Er hat nichts gefunden, deswegen kein Neustart Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.06.22.04
rootkit: v2016.05.27.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18349
XXXXX :: LAPTOP [administrator]
22.06.2016 18:57:36
mbar-log-2016-06-22 (18-57-36).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 369776
Time elapsed: 37 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
23.06.2016, 08:55
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Warnmeldung von Secure Banking Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.06.2016, 12:18
| #6 |
| | Warnmeldung von Secure Banking AdwCleaner Code:
ATTFilter # AdwCleaner v5.200 - Bericht erstellt am 23/06/2016 um 12:38:13
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-14.1 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X86)
# Benutzername : XXXXX - LAPTOP
# Gestartet von : C:\Users\XXXXX\Desktop\AdwCleaner_5.200.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs
\Free Youtube Downloader
[-] Ordner gelöscht : C:\Windows\system32\config\systemprofile\AppData
\LocalLow\HPAppData
[-] Ordner gelöscht : C:\Users\XXXXX\AppData\LocalLow\HPAppData
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\PCSuiteContactsView
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[-] Schlüssel gelöscht : HKCU\Software\APN PIP
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer
\InternetRegistry\REGISTRY\USER\S-1-5-21-117767610-4170920979-
3955755671-1000\Software\ICQ\ICQToolbar
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1548 Bytes] - [23/06/2016 12:38:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [381 Bytes] - [23/06/2016 12:34:10]
C:\AdwCleaner\AdwCleaner[S2].txt - [1603 Bytes] - [23/06/2016 12:36:07]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1766 Bytes]
##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x86
Ran by XXXXX (Administrator) on 23.06.2016 at 12:48:36,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 11
Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File)
Successfully deleted: C:\ProgramData\software4u (Folder)
Successfully deleted: C:\Users\XXXXX\AppData\Roaming\software4u (Folder)
Successfully deleted: C:\Users\XXXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7AWKDLZP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\XXXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BW3H4IN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\XXXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90N86154 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\XXXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PUCLDYK3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7AWKDLZP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BW3H4IN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90N86154 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PUCLDYK3 (Temporary Internet Files Folder)
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.06.2016 at 12:52:13,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 |
|
23.06.2016, 12:26
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Warnmeldung von Secure Banking Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.06.2016, 13:13
| #8 |
| | Warnmeldung von Secure Banking FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:12-10-2015 durchgeführt von xxxxx (Administrator) auf LAPTOP (23-06-2016 13:45:26) Gestartet von C:\Users\xxxxx\Desktop Geladene Profile: xxxxx (Verfügbare Profile: xxxxx & Gast) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Secunia) C:\Program Files\Secunia\PSI\psia.exe (Malwarebytes) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Citrix Systems, Inc.) C:\Users\xxxxx\AppData\Local\Citrix\ICA Client\concentr.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Machinecode Technologies) C:\Program Files\Machinecode Technologies\Secure Banking\SecureBanking.exe (BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (Citrix Systems, Inc.) C:\Users\xxxxx\AppData\Local\Citrix\ICA Client\wfcrun32.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Secunia) C:\Program Files\Secunia\PSI\sua.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe (Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1316136 2008-06-20] (Synaptics, Inc.) HKLM\...\Run: [DpAgent] => C:\Program Files\DigitalPersona\Bin\dpagent.exe [842816 2009-04-17] (DigitalPersona, Inc.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-07-21] (IDT, Inc.) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.) HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM\...\Run: [ConnectionCenter] => C:\Users\xxxxx\AppData\Local\Citrix\ICA Client\concentr.exe [103768 2009-09-13] (Citrix Systems, Inc.) HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296056 2012-05-18] (RealNetworks, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-03-19] (Apple Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) HKLM\...\Run: [SecureBanking] => C:\Program Files\Machinecode Technologies\Secure Banking\SecureBanking.exe [1770496 2016-06-20] (Machinecode Technologies) HKLM\...\Winlogon: [Userinit] C:\Windows\System32\Userinit.exe,, HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [1128000 2014-06-03] (BillP Studios) HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\MountPoints2: {21f6d865-1543-11e0-bda8-00238b327113} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\MountPoints2: {5fbe7ff5-8b09-11e0-a66f-001167b9d20a} - G:\AutoRun.exe HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\MountPoints2: {5fbe8005-8b09-11e0-a66f-001167b9d20a} - G:\AutoRun.exe HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\MountPoints2: {9b0eb52d-a5b7-11e1-a46e-001167b9d20a} - G:\install-tl.bat Lsa: [Notification Packages] scecli DPPWDFLT Startup: C:\Users\xxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-05-25] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * bddel.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{34A61A64-7F90-4FE5-82C8-6FF9580B7146}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-117767610-4170920979-3955755671-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: HKU\S-1-5-21-117767610-4170920979-3955755671-1000 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei SearchScopes: HKU\S-1-5-21-117767610-4170920979-3955755671-1000 -> DefaultScope {C3F162DB-0DE1-45D9-B94C-89F5253561B0} URL = hxxp://www.google.de/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-117767610-4170920979-3955755671-1000 -> {C3F162DB-0DE1-45D9-B94C-89F5253561B0} URL = hxxp://www.google.de/search?q={searchTerms} BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-23] (Hewlett-Packard Co.) BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-18] (RealPlayer) BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-04-17] (DigitalPersona, Inc.) BHO: SwissAcademic.Citavi.Picker.IEPicker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-04] (Oracle Corporation) BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-04] (Oracle Corporation) BHO: NJStarBHO Class -> {E74F179F-F6CC-4BE0-9638-DEA49583953F} -> C:\Program Files\NJStar Communicator\NJStarBHO32.dll [2011-05-26] (NJStar Software Corp.) BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-23] (Hewlett-Packard Co.) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKU\.DEFAULT -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-117767610-4170920979-3955755671-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_60-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_60-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_60-windows-i586.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.) FireFox: ======== FF ProfilePath: C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default FF DefaultSearchEngine: Startpage (SSL) FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: hxxp://www.helpuu.com/ FF Session Restore: -> ist aktiviert. FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-04] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin: @real.com/nppl3260;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-05-18] (RealPlayer) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.) FF Plugin: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin HKU\S-1-5-21-117767610-4170920979-3955755671-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CCMSDK.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\cgpcfg.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CgpCore.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\confmgr.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxlogging.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxmui.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icafile.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icalogon.dll [2009-09-13] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npicaN.dll [2009-09-13] () FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012-05-18] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2012-05-18] (RealPlayer) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll [2009-08-14] (Citrix Systems, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\TcpPServ.dll [2009-09-13] (Citrix Systems, Inc.) FF SearchPlugin: C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\searchplugins\startpage-ssl.xml [2016-01-03] FF SearchPlugin: C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\searchplugins\youtube.xml [2016-01-03] FF Extension: FireShot - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-06-04] FF Extension: EPUBReader - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2016-02-16] FF Extension: DownThemAll! AntiContainer - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\anticontainer@downthemall.net.xpi [2011-05-12] FF Extension: Ghostery - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\firefox@ghostery.com.xpi [2015-10-27] FF Extension: uBlock Origin - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\uBlock0@raymondhill.net.xpi [2015-11-11] FF Extension: 1-Click YouTube Video Downloader - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2013-10-28] FF Extension: NoScript - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-06-28] FF Extension: Adblock Plus - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-15] FF Extension: DownThemAll! - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-05-12] FF Extension: Greasemonkey - C:\Users\xxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\34urll22.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-27] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-06-10] FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2016-06-10] FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-06-10] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-12-11] FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt [2010-12-11] FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012-05-15] FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-18] FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff => nicht gefunden FF HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext Chrome: ======= CHR Profile: C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-11-02] CHR Extension: (NJStar Chromate - NJStar Communicator Plugin for Chrome) - C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlklhlmekdhcfmndodpbjmgpepoeiiaf [2012-05-18] CHR Extension: (Norton Identity Protection) - C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2012-05-18] CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-18] CHR HKLM\...\Chrome\Extension: [jlklhlmekdhcfmndodpbjmgpepoeiiaf] - C:\Program Files\NJStar Communicator\PLUGIN\NJChromate-3.0.2.crx [2011-05-26] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2009-04-17] (DigitalPersona, Inc.) [Datei ist nicht signiert] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1982752 2016-04-13] (ESET) R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2010-12-11] (Macrovision Europe Ltd.) [Datei ist nicht signiert] S3 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-06-30] (Hewlett-Packard Company) [Datei ist nicht signiert] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert] R3 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert] R3 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-23] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R3 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe [221266 2009-07-21] (IDT, Inc.) S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.) S3 VSStandardCollectorService140; C:\Program Files\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [45800 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [567064 2014-08-19] (Wacom Technology, Corp.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92528 2013-10-10] (Cisco Systems, Inc.) R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [34704 2007-05-11] (IVT Corporation.) R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [27792 2007-03-05] (IVT Corporation.) R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [16272 2007-05-23] (IVT Corporation.) S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [36496 2007-05-23] (IVT Corporation.) R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [20880 2007-03-05] (IVT Corporation.) R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [35600 2007-03-05] (IVT Corporation.) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert] R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206312 2016-05-12] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146024 2016-05-12] (ESET) R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [111040 2016-05-12] (ESET) R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [152728 2016-05-12] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44608 2016-05-12] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [71488 2016-05-12] (ESET) S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [12088 2014-08-06] (Windows (R) Win 7 DDK provider) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-06-23] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia) R0 PxHelp20; C:\Windows\System32\drivers\PxHelp20.sys [46096 2013-09-03] (Corel Corporation) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [639224 2012-05-24] (Duplex Secure Ltd.) R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-03-02] (Samsung Electronics) [Datei ist nicht signiert] S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [34448 2007-03-05] (IVT Corporation.) R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [44304 2007-03-05] (IVT Corporation.) S3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-09-23] (Microsoft Corporation) [Datei ist nicht signiert] S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Corporation) [Datei ist nicht signiert] S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43376 2013-10-10] (Cisco Systems, Inc.) S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [85304 2014-08-06] (Wacom Technology) S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13112 2014-08-06] (Wacom Technology) S3 clwvd; system32\DRIVERS\clwvd.sys [X] S3 cpuz134; \??\C:\Users\xxxxx\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] S3 eapihdrv; \??\C:\Users\xxxxx\AppData\Local\Temp\ehdrv.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSBXP.SYS [49408 2012-12-05] (Seiko Epson Corporation) S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X] S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-23 13:45 - 2016-06-23 13:46 - 00029296 _____ C:\Users\xxxxx\Desktop\FRST.txt 2016-06-23 12:47 - 2016-06-23 12:37 - 00001603 _____ C:\Users\xxxxx\Desktop\AdwCleaner[S2].txt 2016-06-23 12:47 - 2016-06-23 12:34 - 00000381 _____ C:\Users\xxxxx\Desktop\AdwCleaner[S1].txt 2016-06-23 12:20 - 2016-06-23 13:45 - 00000000 ____D C:\Users\xxxxx\Desktop\2016_06 Malware Secure Banking 2016-06-22 18:56 - 2016-06-22 19:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-06-22 18:54 - 2016-06-22 18:54 - 00000000 ____D C:\Users\xxxxx\Desktop\mbar-1.09.3.1001 2016-06-20 13:21 - 2016-06-20 13:21 - 00002731 _____ C:\Users\Public\Desktop\Secure Banking.lnk 2016-06-20 13:02 - 2016-06-23 13:45 - 00000000 ____D C:\FRST 2016-06-17 11:19 - 2016-06-17 11:19 - 00000000 ____D C:\Users\xxxxx\AppData\Local\Machinecode_Technologies 2016-06-17 11:19 - 2016-06-17 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure Banking 2016-06-17 11:19 - 2016-06-17 11:19 - 00000000 ____D C:\Program Files\Machinecode Technologies 2016-06-16 23:19 - 2016-06-16 23:19 - 00000000 ____D C:\Users\xxxxx\AppData\Roaming\chc 2016-06-16 22:47 - 2016-06-16 22:47 - 12709162 _____ C:\Users\xxxxx\Desktop\Clouds Photoshop .mp4 2016-06-16 21:57 - 2016-06-17 14:59 - 62387649 _____ C:\Users\xxxxx\Desktop\Zeichnung006.psd 2016-06-15 12:55 - 2016-06-15 12:56 - 00000000 ____D C:\Users\xxxxx\Desktop\Anforderungen Recruiting 2016-06-15 12:50 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-06-15 12:50 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2016-06-15 12:50 - 2016-05-13 23:49 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2016-06-15 12:50 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2016-06-15 12:50 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2016-06-15 12:50 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll 2016-06-15 12:50 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2016-06-15 12:50 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll 2016-06-15 12:50 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe 2016-06-15 12:50 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2016-06-15 12:49 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-06-15 12:49 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-06-15 12:49 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-06-15 12:49 - 2016-05-21 00:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-06-15 12:49 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-06-15 12:49 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-06-15 12:49 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-06-15 12:49 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-06-15 12:49 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-06-15 12:49 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-06-15 12:49 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-06-15 12:49 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-06-15 12:49 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-06-15 12:49 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-06-15 12:49 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-06-15 12:49 - 2016-05-20 23:44 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-06-15 12:49 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-06-15 12:49 - 2016-05-20 23:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-06-15 12:49 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-06-15 12:49 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-06-15 12:49 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-06-15 12:49 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-06-15 12:49 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-06-15 12:49 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-06-15 12:49 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-06-15 12:49 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-06-15 12:49 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-06-15 12:49 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-06-15 12:49 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-06-15 12:49 - 2016-05-20 23:09 - 00689664 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-06-15 12:49 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-06-15 12:49 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-06-15 12:49 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-06-15 12:49 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-06-15 12:49 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-06-15 12:49 - 2016-05-18 18:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-06-15 12:49 - 2016-05-12 17:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-06-15 12:49 - 2016-05-12 17:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-06-15 12:49 - 2016-05-12 17:18 - 01062400 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-06-15 12:49 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-06-15 12:49 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-06-15 12:49 - 2016-05-12 16:54 - 02397696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-06-15 12:49 - 2016-05-12 16:52 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-06-15 12:49 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-06-15 12:49 - 2016-05-12 16:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-06-15 12:49 - 2016-05-12 16:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-06-15 12:49 - 2016-05-12 15:04 - 00370784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-06-15 12:49 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-06-15 12:49 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2016-06-15 12:49 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2016-06-15 12:49 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2016-06-15 12:49 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2016-06-15 12:49 - 2016-05-11 16:52 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2016-06-10 11:07 - 2016-06-15 11:38 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-06-04 01:58 - 2016-06-04 01:58 - 00000000 ____D C:\Program Files\Common Files\Java 2016-06-04 00:18 - 2016-06-04 00:18 - 00000000 ____D C:\Users\xxxxx\AppData\Local\ESET 2016-06-04 00:15 - 2016-06-04 00:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2016-06-04 00:15 - 2016-06-04 00:15 - 00000000 ____D C:\ProgramData\ESET 2016-06-04 00:14 - 2016-06-04 00:14 - 00000000 ____D C:\Program Files\ESET 2016-06-02 18:59 - 2016-06-04 00:09 - 00000046 _____ C:\Users\xxxxx\Desktop\Fortbildung.txt ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-23 13:47 - 2012-08-13 12:17 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-23 13:20 - 2012-04-09 01:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-06-23 13:15 - 2009-07-14 06:34 - 00013472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-06-23 13:15 - 2009-07-14 06:34 - 00013472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-06-23 13:13 - 2010-12-11 12:28 - 01429485 _____ C:\Windows\WindowsUpdate.log 2016-06-23 13:07 - 2014-06-19 23:24 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-06-23 13:07 - 2012-08-13 12:17 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-23 13:06 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-23 13:06 - 2009-07-14 06:39 - 00150859 _____ C:\Windows\setupact.log 2016-06-23 12:40 - 2016-04-16 18:35 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForxxxxx.job 2016-06-23 12:38 - 2015-10-14 21:39 - 00000000 ____D C:\AdwCleaner 2016-06-23 12:18 - 2010-12-11 13:36 - 00000000 ____D C:\Users\xxxxx\AppData\Local\Adobe 2016-06-22 19:33 - 2010-12-30 01:40 - 00000000 ____D C:\Program Files\DVDVideoSoft 2016-06-22 19:33 - 2010-12-30 01:40 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft 2016-06-22 18:54 - 2014-06-19 23:23 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-06-20 15:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache 2016-06-17 15:35 - 2012-04-09 01:26 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-06-17 15:35 - 2011-08-08 23:34 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-06-17 11:16 - 2012-09-13 20:19 - 00000000 ____D C:\Users\xxxxx\AppData\Local\Downloaded Installations 2016-06-17 11:07 - 2011-09-10 01:23 - 00155480 _____ C:\ProgramData\nvModes.001 2016-06-16 23:09 - 2011-02-01 21:55 - 00000000 ____D C:\Users\xxxxx\AppData\Local\CrashDumps 2016-06-16 22:47 - 2016-04-14 22:03 - 00000000 ____D C:\Users\xxxxx\Desktop\Photoshop 2016-06-16 19:59 - 2010-12-11 12:36 - 01629284 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-16 16:23 - 2010-12-11 12:32 - 00000000 ____D C:\Users\xxxxx 2016-06-16 12:43 - 2013-05-21 13:10 - 00000000 ____D C:\Users\xxxxx\AppData\Roaming\TeamDrive3 2016-06-16 12:32 - 2009-07-14 06:33 - 03789000 _____ C:\Windows\system32\FNTCACHE.DAT 2016-06-15 20:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE 2016-06-15 20:18 - 2010-12-11 12:48 - 00000000 ____D C:\ProgramData\Microsoft Help 2016-06-15 20:17 - 2016-05-10 20:08 - 00000000 ____D C:\Windows\system32\MRT 2016-06-15 20:05 - 2010-12-11 15:36 - 139785240 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-06-15 11:38 - 2012-05-03 20:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-06-15 11:38 - 2010-12-11 15:17 - 04346626 _____ C:\Windows\PFRO.log 2016-06-14 16:34 - 2012-05-28 17:36 - 00000000 ____D C:\Users\xxxxx\AppData\Roaming\vlc 2016-06-13 19:31 - 2010-12-11 12:50 - 00400040 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-06-08 14:34 - 2010-12-12 19:38 - 00000000 ____D C:\Users\xxxxx\AppData\Roaming\Skype 2016-06-08 01:58 - 2013-06-06 20:44 - 00000000 ____D C:\Users\xxxxx\Desktop\IPod 2016-06-07 14:21 - 2014-06-19 23:23 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 2016-06-07 14:21 - 2010-12-11 14:20 - 00000000 ____D C:\ProgramData\Norton 2016-06-04 13:59 - 2014-06-19 23:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-06-04 02:24 - 2014-06-24 15:56 - 00000000 ____D C:\ProgramData\Oracle 2016-06-04 02:00 - 2010-12-11 15:58 - 00000000 ____D C:\Program Files\Java 2016-06-04 01:59 - 2015-08-03 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-06-04 01:53 - 2015-08-03 14:20 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2016-06-04 00:39 - 2010-12-11 12:32 - 00000000 ____D C:\Users\xxxxx\AppData\Local\VirtualStore 2016-05-29 12:54 - 2015-10-25 21:32 - 00000000 ____D C:\Users\xxxxx\.oracle_jre_usage 2016-05-28 20:00 - 2015-11-05 16:39 - 00000000 ___SD C:\Windows\system32\GWX 2016-05-28 17:15 - 2015-03-30 19:56 - 00000000 ____D C:\Users\xxxxx\AppData\Roaming\dvdcss ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-07-08 00:24 - 2014-01-27 15:16 - 0000132 _____ () C:\Users\xxxxx\AppData\Roaming\Adobe GIF Format CS5 Prefs 2011-02-01 23:30 - 2014-01-27 15:21 - 0000132 _____ () C:\Users\xxxxx\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-05-15 19:31 - 2015-05-15 19:31 - 0000000 _____ () C:\Users\xxxxx\AppData\Roaming\gdfw.log 2015-05-15 19:30 - 2015-11-21 00:40 - 0001558 _____ () C:\Users\xxxxx\AppData\Roaming\gdscan.log 2012-08-27 23:42 - 2012-08-28 03:14 - 0000116 _____ () C:\Users\xxxxx\AppData\Roaming\history.PDF.pwcdat 2012-04-16 01:03 - 2012-04-16 01:03 - 0000066 _____ () C:\Users\xxxxx\AppData\Local\MODup-Log.txt 2011-01-04 23:53 - 2011-01-06 17:29 - 0001474 _____ () C:\Users\xxxxx\AppData\Local\RecConfig.xml 2012-06-18 14:17 - 2012-06-18 14:17 - 0007605 _____ () C:\Users\xxxxx\AppData\Local\Resmon.ResmonCfg 2011-04-20 09:13 - 2011-04-20 09:13 - 2522934 _____ () C:\Users\xxxxx\AppData\Local\[j0003]-[p09].bmp 2010-12-12 19:39 - 2010-12-12 19:39 - 0000048 ____H () C:\ProgramData\ezsidmv.dat 2010-12-11 14:07 - 2012-12-07 02:17 - 0005057 _____ () C:\ProgramData\hpzinstall.log 2011-09-10 01:23 - 2016-06-17 11:07 - 0155480 _____ () C:\ProgramData\nvModes.001 2011-09-09 23:03 - 2012-06-15 20:14 - 0155480 _____ () C:\ProgramData\nvModes.dat Einige Dateien in TEMP: ==================== C:\Users\xxxxx\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\xxxxx\AppData\Local\Temp\libeay32.dll C:\Users\xxxxx\AppData\Local\Temp\msvcr120.dll C:\Users\xxxxx\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-06-20 14:58 ==================== Ende vom FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:12-10-2015
durchgeführt von XXXXX (2016-06-23 13:47:15)
Gestartet von C:\Users\XXXXX\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2010-12-11 10:32:28)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-117767610-4170920979-3955755671-500 - Administrator - Disabled)
Gast (S-1-5-21-117767610-4170920979-3955755671-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-117767610-4170920979-3955755671-1005 - Limited - Enabled)
XXXXX (S-1-5-21-117767610-4170920979-3955755671-1000 - Administrator - Enabled) => C:\Users\XXXXX
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
8500A909_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909a (Version: 50.0.165.000 - Hewlett-Packard) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version: - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
AIO_CDA_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Amazon Kindle (HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\Amazon Kindle) (Version: 1.13.0.42039 - Amazon)
Amazon Send to Kindle (HKLM\...\SendToKindle) (Version: 1.0.1.237 - Amazon)
Apple Application Support (32-Bit) (HKLM\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (Version: 3.3 - Microsoft Corporation) Hidden
AVG PC TuneUp 2015 (de-DE) (Version: 15.0.1001.638 - AVG Technologies) Hidden
Azure AD Authentication Connected Service (Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bamboo Dock (HKLM\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.)
Bamboo Dock (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (Version: 3.0.20 - Wacom) Hidden
Benutzerhandbuch EPSON BX535WD Series (HKLM\...\EPSON BX535WD Series Useg) (Version: - )
Blend for Visual Studio SDK for .NET 4.5 (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bluesoleil2.6.0.9 Release 070606 (HKLM\...\{846AC73B-9394-48B9-B941-8F7F472F0047}) (Version: 2.6.0.9 Release 070606 - IVT Corporation)
BoneLab (HKLM\...\{D16CBD59-07B3-4F98-A404-01B6D87A90F2}) (Version: 1.4.0.5 - Next Dimension Imaging)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BPD_DSWizards (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.18.12 - Broadcom Corporation)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C3100 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
c3100_Help (Version: 82.0.256.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{F194B9D2-5BB0-4A36-912A-861DE0652181}) (Version: 1.23.0 - Kovid Goyal)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Citavi (HKLM\...\{E12C6653-1FF0-4686-ADB8-589C13AE761F}) (Version: 3.4.0.2 - Swiss Academic Software)
Citrix Online Plug-in - Web (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 11.2.0.31560 - Citrix Systems, Inc.)
Citrix Presentation Server Client - Nur Web (HKLM\...\{E9459BCF-0982-498B-ABA7-26C34323493F}) (Version: 10.200.2650 - Citrix Systems, Inc.)
Consideo Modeler - Consideo GmbH (HKLM\...\ConsideoModeler) (Version: - )
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (Version: 14.0.23107 - Microsoft Corporation) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DigitalPersona Personal 4.01 (HKLM\...\{8D4B1164-3935-44B2-9152-D0CB0AFBCCF4}) (Version: 4.01.3749 - DigitalPersona, Inc.)
DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Download Navigator (HKLM\...\{2E214231-5FAD-410A-AF5D-99AAB8558434}) (Version: 2.1.0 - SEIKO EPSON CORPORATION)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version: - SEIKO EPSON Corporation)
Epson Event Manager (HKLM\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Erforderliche Komponenten für SSDT (HKLM\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
ESET Smart Security (HKLM\...\{6A4C81A3-2ECD-47A5-84F0-E77475B7BCED}) (Version: 9.0.381.1 - ESET, spol. s r.o.)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Video Flip and Rotate version 2.1.1.719 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.1.719 - DVDVideoSoft Ltd.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Advisor (HKLM\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.9652.3188 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.4.18.7 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.0.3 - Hewlett-Packard) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6225.0 - IDT)
IIS 10.0 Express (HKLM\...\{C28C9704-5633-4765-92C0-E7CC50B14FAC}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
iStonsoft iPad iPod iPhone Data Recovery (HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\iStonsoft iPad iPod iPhone Data Recovery) (Version: 2.1.31 - iStonsoft)
iTunes (HKLM\...\{3079C5C8-325A-4354-A733-456BACA1E5FB}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.18.07 - JMicron Technology Corp.)
Joe (HKLM\...\{0AD3DEBC-5321-457E-8B43-8F546940169B}) (Version: 4.00.0050 - Wirth IT Design)
LandOnline Client Components (HKLM\...\LandOnline Client Components) (Version: 1.0 - Land Information NZ)
Livebrush Mini (HKLM\...\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1) (Version: 1.5 - MoreMeYou)
Livebrush Mini (Version: 1.5 - MoreMeYou) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MediaMonkey 4.1 (HKLM\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x86) 1.0.0-beta5 (HKLM\...\{2a375a89-9d97-35b7-917d-92f1ea73080d}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}) (Version: 7.10.344.0 - Microsoft)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{E41DF93D-DC9B-4B22-A968-07077C574E43}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{2A3CC014-FA33-4027-AECD-9A4845223209}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 DEU (HKLM\...\{7CC4FADE-70AC-4560-9418-639D71A4767C}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{E26E9AFA-9510-409C-AFE8-73A0EB3BE325}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{B6019E33-AC77-4B09-8D67-48B5A2502B2B}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0 (x86 de) (HKLM\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MPM (HKLM\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Netzwerkhandbuch EPSON BX535WD Series (HKLM\...\EPSON BX535WD Series Netg) (Version: - )
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
NJStar Communicator (HKLM\...\NJStar Communicator) (Version: 3.00 - NJStar Software Corp.)
Nokia Connectivity Cable Driver (HKLM\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.64 - Nokia)
Nokia PC Suite (Version: 7.1.180.64 - Nokia) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Oracle VM VirtualBox 4.1.12 (HKLM\...\{BD2DF5E1-0B64-40EB-93CC-77F984ADB408}) (Version: 4.1.12 - Oracle Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PC Connectivity Solution (HKLM\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PreEmptive Analytics Client German Language Pack (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.4 - RealNetworks)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roslyn Language Services - x86 (Version: 14.0.23107 - Microsoft Corporation) Hidden
Samsung ML-1510_700 Series (HKLM\...\Samsung ML-1510_700 Series) (Version: - )
Samsung_MonSetup (HKLM\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Secure Banking (HKLM\...\{2088356A-A860-4619-B6DC-F6785AEBBBF7}) (Version: 2.0.1 - Machinecode Technologies)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 7.2 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Smart Switch (HKLM\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15113.12 - Samsung Electronics Co., Ltd.)
Smart Switch (Version: 4.0.15113.12 - Samsung Electronics Co., Ltd.) Hidden
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
SyncToy 2.1 (x86) (HKLM\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
Team Explorer for Microsoft Visual Studio 2015 (Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamDrive 3 (HKLM\...\TeamDrive 3) (Version: 3.1.0.316 - TeamDrive Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (Version: 14.0.23107 - Microsoft Corporation) Hidden
TeX Live 2011 (HKU\S-1-5-21-117767610-4170920979-3955755671-1000\...\TeXLive2011) (Version: 2011 - )
Texmaker (HKLM\...\Texmaker) (Version: - )
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
UniPrint Client 4.0 (HKLM\...\{50A7D603-B3DD-48C1-A518-486B2EDFFA3F}) (Version: 4.0.6 - UniPrint, a division of GFI Business Solutions Inc.)
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
v2010.build.42 (HKLM\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2010.build.42 - eRightSoft)
Validity Sensors software (HKLM\...\{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}) (Version: 2.8.116 - Validity Sensors, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WCF Data Services 5.6.4 DEU Language Pack (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 31.0.2014.0 - BillP Studios)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype Extras\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{1EFF7739-9BDA-4295-BC07-383554CAAC84}\InprocServer32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\CCMProxy.dll (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{238F6F83-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{238F6F85-B8B4-11CF-8771-00A024541EE3}\InprocServer32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\Wfica.ocx (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype Extras\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}\localserver32 -> C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-117767610-4170920979-3955755671-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
==================== Wiederherstellungspunkte =========================
04-06-2016 00:40:13 Windows Update
07-06-2016 14:31:34 Windows Update
14-06-2016 16:18:32 Windows Update
15-06-2016 01:18:52 Windows Update
15-06-2016 20:00:56 Windows Update
17-06-2016 11:17:06 Installed Secure Banking.
22-06-2016 18:38:26 Windows Update
22-06-2016 19:34:09 Removed MoodTuner
23-06-2016 12:48:43 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2012-04-26 11:39 - 2014-11-05 21:36 - 00444869 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15300 zusätzliche Einträge.
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01A58B17-9994-4F84-9B8A-788B88D86081} - System32\Tasks\{C2FA0599-B043-4F27-9276-365D7402AD4B} => pcalua.exe -a "C:\Program Files\RelevantKnowledge\rlvknlg.exe" -c -bootremove -uninst:RelevantKnowledge
Task: {04DA8095-7A2E-4947-93B6-AA3DC01EA294} - System32\Tasks\{4F687082-90D4-4BF6-B8B1-6A47C975F70A} => pcalua.exe -a C:\Users\XXXXX\Desktop\HP\sp45499.exe -d C:\Users\XXXXX\Desktop\HP
Task: {0A27E96C-F7CA-4B6F-A081-4E0D6C934EB1} - System32\Tasks\{A9AF9DF9-8AB4-4780-B05C-845F3A4F7F80} => pcalua.exe -a C:\Users\XXXXX\Desktop\HP\sp41701.exe -d C:\Users\XXXXX\Desktop\HP
Task: {0C370B7E-86B7-4A6C-AC9B-A8D75D6BD3F9} - System32\Tasks\RNUpgradeHelperLogonPrompt_XXXXX => C:\Users\XXXXX\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.03\agent\rnupgagent.exe [2016-06-20] (RealNetworks, Inc.)
Task: {226A226F-D32F-434A-9550-9B71C95A49EB} - System32\Tasks\{57A1538B-9FC1-4013-8D09-3401422AB79D} => pcalua.exe -a C:\Users\XXXXX\Desktop\AntiTwin_Setup.exe -d C:\Users\XXXXX\Desktop
Task: {23F96337-0509-4DEB-B16A-4A882262C1CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {2931D861-9B82-4689-9257-D47728EFDAA4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-117767610-4170920979-3955755671-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {298B79ED-516A-4942-A90B-03BB78890346} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {2BBECF94-610A-47AF-ADC8-A4B95626871A} - System32\Tasks\{63B728FC-7546-4B7D-99D9-65A0874A65DC} => pcalua.exe -a "C:\Users\XXXXX\Desktop\Neuer Ordner\Epson Zeug\epson374735eu.exe" -d "C:\Users\XXXXX\Desktop\Neuer Ordner\Epson Zeug"
Task: {2E880432-BE78-4708-B404-BDED3EF170F8} - System32\Tasks\{C230C231-6276-4147-BB27-0E09D78DDDC5} => pcalua.exe -a C:\Users\XXXXX\Desktop\everest\Dictionary.exe -d C:\Users\XXXXX\Desktop\everest
Task: {3386ED1D-AF3D-438C-9E4C-4159259DE9A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3560B0FF-E40C-490E-A409-C49FFBF7ECE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {3B9DAFC3-0E82-4BC0-B323-A589D770D1D0} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {4469D63B-B865-4C9B-832A-5532A9411114} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-04-04] (Microsoft Corporation)
Task: {52932C27-E777-4BDF-9E4F-95D5F90E9506} - System32\Tasks\RNUpgradeHelperResumePrompt_XXXXX => C:\Users\XXXXX\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.03\agent\rnupgagent.exe [2016-06-20] (RealNetworks, Inc.)
Task: {675847AF-5FF4-48A6-84B0-31D5270C0A65} - System32\Tasks\HPCeeScheduleForXXXXX => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07] (Hewlett-Packard)
Task: {6B73D93F-23E5-4133-B0E4-DDA7F719FB25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {6EB6D0E5-3238-40AC-82DC-A1166B2ABB25} - System32\Tasks\{D430D610-1028-4E95-B527-F019589A4F36} => pcalua.exe -a C:\Users\XXXXX\Desktop\winstger.exe -d C:\Users\XXXXX\Desktop
Task: {8B6D6D5C-D37F-4EEF-B072-5A334685E228} - System32\Tasks\{A7737EA2-A290-4226-97EE-BFCEFB607B2C} => C:\Program Files\Skype\\Phone\Skype.exe [2015-02-26] (Skype Technologies S.A.)
Task: {A41121D8-EE32-4C72-A672-CFCD3A1AF3CD} - System32\Tasks\{AD4F7045-77B1-4375-B5EE-19858BBE0FB2} => C:\Users\XXXXX\Desktop\AVCleaner.exe
Task: {B18525A8-EC43-4D4F-9970-B49BF540ED0C} - System32\Tasks\ReclaimerUpdateXML_XXXXX => C:\Users\XXXXX\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.03\agent\rnupgagent.exe [2016-06-20] (RealNetworks, Inc.)
Task: {B1BE2BD2-7F4D-46CA-A0D3-553445F41189} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {B9952096-A45D-4B31-938A-F15AD6450873} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-117767610-4170920979-3955755671-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {B9C67796-59A2-4B49-B0D6-0A02B5EBC49A} - System32\Tasks\{40F9B922-24D2-4F8C-8B85-8C58F0BED0AA} => pcalua.exe -a C:\Users\XXXXX\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1
Task: {BA2B69C7-7ADF-4E27-ADA8-E932C7E3FB4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {D0BDD82D-18D1-4C22-AA38-068E004B7BE8} - System32\Tasks\{2EFB6DAE-93C8-49A4-8484-23E78456EBD6} => pcalua.exe -a C:\Users\XXXXX\Desktop\epson373094eu.exe -d C:\Users\XXXXX\Desktop
Task: {D18E9D75-7CA2-45C1-ACD8-B7F597892B83} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe
Task: {D5943F47-F722-48D5-B29A-54508B0B371D} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe
Task: {D9D185E5-4D90-4182-8E28-3D62F94E1F59} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-11-05] (Microsoft Corporation)
Task: {DD9FCD1E-CACC-4D84-B994-4A04DC590B15} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-20] (Microsoft Corporation)
Task: {F14E565B-570D-4CA9-88E4-DE4A4870E234} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-20] (Microsoft Corporation)
Task: {F479E73F-745E-4E90-AAE4-35A6B767AFF3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2010-06-09] (Hewlett-Packard Company)
Task: {FE3042DA-67A0-47DD-817E-911F3F50A4E2} - System32\Tasks\ReclaimerUpdateFiles_XXXXX => C:\Users\XXXXX\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.03\agent\rnupgagent.exe [2016-06-20] (RealNetworks, Inc.)
Task: {FF2844FF-EA07-4FF2-8E24-CD8330D2248E} - System32\Tasks\AdobeAAMUpdater-1.0-LAPTOP-XXXXX => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForXXXXX.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-10-10 23:48 - 2013-10-10 23:48 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01040656 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-10-31 00:06 - 2014-08-19 21:12 - 01019672 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-06-08 12:17 - 2012-01-03 22:51 - 08671232 _____ () c:\program files\adobe\acrobat 9.0\acrobat\exlang32.deu
2012-05-15 13:41 - 2013-10-02 23:32 - 03719680 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\Citavi Picker\CitaviPicker.api
2013-06-08 12:18 - 2009-02-27 17:40 - 01712128 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\Annots.DEU
2013-06-08 12:19 - 2009-10-03 03:48 - 00106496 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\EScript.DEU
2013-06-08 12:18 - 2012-01-03 21:54 - 01060864 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\PPKLite.DEU
2013-06-08 12:18 - 2009-02-27 17:39 - 00999424 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\AcroForm.DEU
2013-06-08 12:18 - 2009-02-27 17:40 - 00274432 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\DigSig.DEU
2007-11-16 17:02 - 2007-11-16 17:02 - 00401408 ____R () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\cryptocme2.dll
2007-11-16 17:02 - 2007-11-16 17:02 - 00479232 ____R () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\ccme_base.dll
2013-06-08 12:18 - 2012-01-03 21:54 - 00053248 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\weblink.DEU
2013-06-08 12:17 - 2009-01-18 16:50 - 00417792 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\AdobeXMP.dll
2013-06-08 12:17 - 2009-02-27 13:52 - 00258048 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\sqlite.dll
2013-06-08 12:18 - 2009-02-27 17:42 - 00147456 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\WebPDF.DEU
2013-06-08 12:18 - 2009-10-03 03:45 - 00012288 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\plug_ins\Updater.DEU
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:B1FBBD09
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 20375 mehr eingeschränkte Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-117767610-4170920979-3955755671-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TabletServicePen => 2
MSCONFIG\Services: TouchServicePen => 2
MSCONFIG\startupfolder: C:^Users^XXXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Avira Systray => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: BambooCore => C:\Program Files\Bamboo Dock\BambooCore.exe
MSCONFIG\startupreg: Bitdefender Wallet Agent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: ConnectionCenter => "C:\Users\XXXXX\AppData\Local\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: ICQ => "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: InstallerLauncher => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: itype => "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UniPrint => C:\Users\XXXXX\AppData\Local\UniPrint\Client\SetDfltSettings.exe
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{7687B8D4-4F27-44C2-96FD-787DCA5DDF33}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS09C3\OJP8500vA909_Full_13\setup\hpznui01.exe
FirewallRules: [{CC60033E-5658-4592-99A9-A8871D0854B9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1596E2A8-3D68-42E0-B4E6-2005B4EC0C8B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8C638BEB-C9C0-4E3E-ADFE-39C998C94DD6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{81B4F23D-BE53-425B-A8BB-C9F21935B58C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{C65604ED-F42D-4B52-BD60-9B5ECEC0498E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{49328C47-4AE7-40F5-8B3A-AA2427447EAF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{B62E9FD6-15F9-48B9-889C-B294CBD14D1D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{54849768-D56E-4E37-B03F-1ECFD95621CE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{6C7CAB87-9CFD-4B59-B12C-793C38AE9496}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{57DCF4F2-ED6C-4604-9A2E-5AE12A19FAB3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{FADD049E-E41F-4051-8740-8FC9023D17EF}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{79EEE5F9-74DC-4FCA-8005-0BA87F629469}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{190DEB89-3A7E-49B4-A20E-8B42226CC5C3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FA37E5A2-FA59-4524-85CA-4E9E439C596A}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{5C099229-2D4D-4CF5-9953-C14E3304D93E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{351C7116-E67D-4629-81CA-3EB6084FA3F7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{DF503E8A-4F99-4164-A4A3-B5416A9ADE28}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{1F94FB41-A54A-4288-847A-2BEA089B23B2}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{B319CB0D-7FA7-4F5C-A0E7-65DDC73AB5B1}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C9369778-02AC-4837-9F73-E034D6D0DC3F}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{5BE379A8-6A35-4001-A479-5ADCE26E5F71}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{C26B8641-0593-47B7-891A-AD31B11BE891}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{ED5A1EA2-F807-4BFA-BC12-3DD7D1F1E1B2}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{8D22A957-48E8-445C-8644-38386A05FE5F}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
FirewallRules: [{E5030BC1-9431-45D6-B265-8D39C67E8649}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
FirewallRules: [{0E6F45D7-F158-45BB-AB7E-856AA203BC93}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0A3C30DB-2E3D-4BDD-9BD1-9C3F8D7D1925}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{369F905D-1BC7-4A29-AF0F-82B16AB5E82B}] => (Allow) C:\Program Files\Giraffic\Giraffic.exe
FirewallRules: [{11CFCF96-12B5-4A18-93A9-0E8409109E47}] => (Allow) C:\Program Files\Giraffic\Giraffic.exe
FirewallRules: [{3BA39896-AC71-4EFD-B735-A8044F079829}] => (Allow) C:\Program Files\Giraffic\GirafficWatchdog.exe
FirewallRules: [{FA2FEF22-2CE1-4613-BBEE-AF679B50BAF4}] => (Allow) C:\Program Files\Giraffic\GirafficWatchdog.exe
FirewallRules: [{F79C1E88-09DE-4F23-BF34-14D4B0B68278}] => (Allow) LPort=8396
FirewallRules: [{58686ACE-CD8F-4F9F-AEFF-689B255848A1}] => (Allow) LPort=8396
FirewallRules: [{3A546FA2-DF41-4274-BF5C-B90433D4D0FE}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{04379F1D-9D19-48CD-B7CC-E7D3EEF65EAF}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{5480D9D1-9930-4C95-B23F-0B169A098414}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{7A81DBDA-4330-4407-9B94-0E458B7D1659}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{36EF71C8-B6EB-4B58-A969-78CD4DC2005A}] => (Allow) C:\Program Files\YourFileDownloader\Downloader.exe
FirewallRules: [{E2995586-6223-4A80-9B5D-24D843F63BC3}] => (Allow) C:\Program Files\YourFileDownloader\Downloader.exe
FirewallRules: [{6135EBDE-7B4B-4F46-874F-38F2C9EEF31E}] => (Allow) C:\Program Files\YourFileDownloader\YourFile.exe
FirewallRules: [{4415AC8A-5DC1-4937-9544-3EAB19E41DDB}] => (Allow) C:\Program Files\YourFileDownloader\YourFile.exe
FirewallRules: [{B8C277F7-9F59-4DC2-8A80-A1B0495AFC43}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{EEC0539C-61EE-4ABA-9AD0-7482EBC04AB9}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{BB64BFF4-86E2-471D-B4AD-2175478F96B5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{4E7588C3-568B-4550-BF86-62EF2CDD188C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{9BFC29B0-9DBD-41AB-AE40-C93989407C23}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{E932B3E1-B233-4FD7-9724-15740882E966}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{0D956608-4213-4D4B-BCC8-4B539A636BE1}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{C521F51F-7066-4593-8760-97F2DF1EAE9D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{9F3A9515-0A05-47BA-A57C-F23BC39AC7A2}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{3259A311-A980-477F-8674-8336B7FBC70D}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{0B806B0A-3143-4093-A343-77A7C2FCD911}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{629FC361-D54B-43CB-B01D-7FBC824D46F3}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [{F26876D0-2ABA-4D93-A76A-F97B36D0A253}] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [{71524894-1A65-4230-B0D4-A9715472CFBB}] => (Block) C:\program files\winamp\winamp.exe
FirewallRules: [{23789C66-2240-44B5-91E8-662517B5994A}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\EPSON BX535WD Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe
FirewallRules: [{1C985F8A-442A-4923-8EF1-5E1B1089883B}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\EPSON BX535WD Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe
FirewallRules: [{EB37AD80-D09F-4E4B-900A-555BE8F95E68}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{17426D12-1A6C-447D-9B6E-14CB0722AF90}] => (Allow) C:\Program Files\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{958054E0-8A72-4765-A120-3517252DC5E8}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{430E02E5-CB9E-4BA1-8E9A-3B5689717E3A}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{C00BBCBB-3D50-410D-9EB5-9A8CC61B2492}] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{482D02B2-3C46-47A8-B586-C858ECC64D74}] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{B171771D-3EF1-44E8-A918-AE3B8D5A7102}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS5E47.tmp\SymNRT.exe
FirewallRules: [{49E6FD85-7683-4CF4-B93C-9DA47CA1E931}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS5E47.tmp\SymNRT.exe
FirewallRules: [{8AADDC33-5A18-4D08-A180-C14D37AC0E1B}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSE5BE.tmp\SymNRT.exe
FirewallRules: [{4B1EA3D8-6CBA-41B8-B4B6-E0FBE4D972F4}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSE5BE.tmp\SymNRT.exe
FirewallRules: [{AAB4E023-0812-43C0-87B9-8187DB5FD5A4}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSFAD4.tmp\SymNRT.exe
FirewallRules: [{342ECC98-A477-4F14-A33E-3771DEEC0064}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSFAD4.tmp\SymNRT.exe
FirewallRules: [{F2E6F5A0-54CA-4166-BAC9-08996322B5CB}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS29FF.tmp\SymNRT.exe
FirewallRules: [{ABA212B4-211C-43AE-96BD-3F1D77F44E15}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS29FF.tmp\SymNRT.exe
FirewallRules: [{3284F239-1606-4B4F-A8AD-93D69A10F0A2}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS82F4.tmp\SymNRT.exe
FirewallRules: [{CDA290AA-C9B1-40ED-AA41-818F27080EF1}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS82F4.tmp\SymNRT.exe
FirewallRules: [{DFF80C46-1CEB-40E5-9F63-927372B305CF}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS6EB9.tmp\SymNRT.exe
FirewallRules: [{DA79901C-D93E-4C7D-96C6-579E4E7D7722}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS6EB9.tmp\SymNRT.exe
FirewallRules: [{C962B677-10AE-4318-934B-77D705034287}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSD7E7.tmp\SymNRT.exe
FirewallRules: [{0F7A30FA-2F19-47BF-81A7-73798660B4DE}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zSD7E7.tmp\SymNRT.exe
FirewallRules: [{684F05B3-A72E-490C-99FD-D5788E6DC0D8}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS3E77.tmp\SymNRT.exe
FirewallRules: [{F301632A-276C-4A61-ABAE-8FCF722FFA4F}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS3E77.tmp\SymNRT.exe
FirewallRules: [{DB5D54DC-D26D-4993-9BE7-90001CF2561A}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS3015.tmp\SymNRT.exe
FirewallRules: [{C7747FFD-9E80-4A21-BA55-9E0D075C3045}] => (Allow) C:\Users\XXXXX\AppData\Local\Temp\7zS3015.tmp\SymNRT.exe
FirewallRules: [{A21F286A-1390-4E8C-898E-DE309FF6AF7C}] => (Allow) C:\Users\Dropbox2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{ED03C92C-FEA5-4D0D-BB20-8090D36351B3}] => (Allow) C:\Users\Dropbox2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1895254A-C0AB-4935-9CF8-F98202A3C767}] => (Allow) C:\Users\Dropbox2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3E94D44C-A916-4F4C-B052-2338A49B97D6}] => (Allow) C:\Users\Dropbox2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{EAAFCBFC-AADD-4146-98D7-74894617901A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F3AC9F29-8B8E-437C-99D6-17107153CAEC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{733130EC-F717-4DF3-B6F3-3D88FFCB9A6E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0BB8833F-AD47-4C71-9305-AEC290DEA2B8}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E4B721F3-EB3C-4986-97E6-E3115ADBD6BF}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{A43C9499-F441-4F8E-B5AA-49C57F649E1D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0AB29B74-728D-4C30-80B7-6852A1038143}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1538BA87-25E3-48F5-9126-22388858B25F}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{4E797EC4-2A65-461C-9AC2-FA7AADBF05AE}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{0A0D02C9-AAA2-4C1F-8791-658767ACD62A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{482589C6-BD58-4D66-A943-095B4C06FAC6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7E85BAB8-6061-4755-8D42-C4D4D14DD93C}] => (Allow) C:\Program Files\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{0CBABBA9-5CB7-48ED-9E14-CEA2824507A0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Officejet Pro 8500 A909a
Description: Officejet Pro 8500 A909a
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Officejet Pro 8500 A909a
Description: Officejet Pro 8500 A909a
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/23/2016 12:34:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AdwCleaner_5.200.exe, Version 5.200.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 354
Startzeit: 01d1cd3aa6595aca
Endzeit: 0
Anwendungspfad: C:\Users\XXXXX\Desktop\AdwCleaner_5.200.exe
Berichts-ID:
Error: (06/20/2016 10:34:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4275
Error: (06/20/2016 10:34:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4275
Error: (06/20/2016 10:34:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/20/2016 10:34:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1217
Error: (06/20/2016 10:34:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1217
Error: (06/20/2016 10:34:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/17/2016 04:59:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13509
Error: (06/17/2016 04:59:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13509
Error: (06/17/2016 04:59:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (06/23/2016 01:07:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/23/2016 01:07:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/23/2016 01:07:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/23/2016 01:07:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/23/2016 01:06:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Error: (06/23/2016 01:06:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error: (06/23/2016 01:05:31 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt.
Error: (06/23/2016 12:49:09 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/23/2016 12:49:09 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (06/23/2016 12:49:08 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
CodeIntegrity:
===================================
Date: 2015-09-27 23:18:25.844
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.090
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.086
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.082
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.070
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.066
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.062
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.029
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.026
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-05 13:03:24.022
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 3039.21 MB
Verfügbarer physikalischer RAM: 1215.38 MB
Summe virtueller Speicher: 6076.74 MB
Verfügbarer virtueller Speicher: 3686.3 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:289.02 GB) (Free:154.51 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:8.96 GB) (Free:1.61 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (READYBOOST) (Removable) (Total:7.3 GB) (Free:3.31 GB) FAT32
Drive h: (64 GB) (Removable) (Total:58.91 GB) (Free:54.47 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 97A197A1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=289 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.3 GB) (Disk ID: E6BA8DA8)
Partition 1: (Active) - (Size=7.3 GB) - (Type=0B)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 58.9 GB) (Disk ID: 9541352D)
Partition 1: (Not Active) - (Size=58.9 GB) - (Type=0C)
==================== Ende vom Addition.txt ============================
|
|
23.06.2016, 13:25
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Warnmeldung von Secure Banking FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.06.2016, 18:09
| #10 |
| | Warnmeldung von Secure BankingCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version:12-10-2015
durchgeführt von XXXXX (2016-06-23 18:36:58) Run:1
Gestartet von C:\Users\XXXXX\Desktop
Geladene Profile: XXXXX (Verfügbare Profile: XXXXX & Gast)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
emptytemp:
*****************
EmptyTemp: => 252.7 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende vom Fixlog 18:37:09 ====
|
|
24.06.2016, 08:18
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Warnmeldung von Secure Banking Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.06.2016, 13:57
| #12 |
| | Warnmeldung von Secure Banking Malwarebytes Anti-Malware Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 24.06.2016 Suchlaufzeit: 10:53 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.06.24.01 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: XXXXX Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 366583 Abgelaufene Zeit: 41 Min., 30 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=aa6518ccbc6f9646bfe02070707894a3
# end=init
# utc_time=2016-06-24 09:39:20
# local_time=2016-06-24 11:39:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29901
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=aa6518ccbc6f9646bfe02070707894a3
# end=updated
# utc_time=2016-06-24 09:41:24
# local_time=2016-06-24 11:41:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=aa6518ccbc6f9646bfe02070707894a3
# engine=29901
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-24 12:24:02
# local_time=2016-06-24 02:24:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 157505 218402233 0 0
# compatibility_mode_1='ESET Smart Security 9.0'
# compatibility_mode=8232 16777213 100 97 927160 10615208 0 0
# scanned=411200
# found=0
# cleaned=0
# scan_time=9757
Security Check Code:
ATTFilter Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
ESET Smart Security 9.0.381.1
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
WinPatrol
MVPS Hosts File
Secunia PSI (3.0.0.9016)
AVG PC TuneUp 2015 (de-DE)
Microsoft VisualStudio JavaScript Project System
Java 8 Update 91
Microsoft VisualStudio JavaScript Language Service
Java version 32-bit out of Date!
Adobe Flash Player 22.0.0.192
Adobe Reader XI
Mozilla Firefox (47.0)
````````Process Check: objlist.exe by Laurent````````
WinPatrol winpatrol.exe
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
BillP Studios WinPatrol WinPatrol.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Geändert von Plzhelp (24.06.2016 um 14:15 Uhr) |
|
24.06.2016, 14:07
| #13 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Warnmeldung von Secure BankingZitat:
Zitat:
Wenn möglich auch Java und Flash Player deinstallieren!  Java spielt kaum noch eine Rolle. Fast nirgendwo werden mehr Java-Applets eingesetzt. Und was Adobe mit seinem Flash Player veranstaltet, ist irgendwo zwischen Frechheit und Inkompetenz einzustufen. In dem Teil werden ständig neue dicke Sicherheitslücken gefunden => Der Liebling aller Cyber-Kriminellen: Flash | heise Security
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.06.2016, 11:18
| #14 |
| | Warnmeldung von Secure Banking Ich hab ehrlichgesagt keine Ahnung, woher dieses AVG PC TuneUp 2015 eigentlich kommt und es ist auch nicht auffindbar.. gibt's irgendeine spezielle Software hierfür? Auch Revo hilft nicht weiter. Statt Reader nehme ich jetzt Acrobat.. danke für die Warnung, das wusste ich alles nicht. Java hab ich jetzt auch deinstalliert und wieder installiert xD Ich brauch es leider.. Secure Banking schreit übrigens immer noch. |
|
25.06.2016, 11:38
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Warnmeldung von Secure Banking Du sollst nicht den Acrobat nehmen, das ist doch auch Müll von Adobe, nimm eine Alternative wie PDF-X-Change! Wenn du unbedingt SecureBanking weiternutzen willst, musst du dich an den Autor mal wenden => http://www.trojaner-board.de/109844-...ren-seite.html
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Warnmeldung von Secure Banking |
| administrator, bonjour, chromium, dll, dnsapi.dll, downloader, explorer, flash player, format, homepage, malware, mozilla, photoshop, prozess, prozesse, registry, rundll, scan, security, services.exe, software, svchost.exe, system, temp, ublock, ublock origin, updates, windows, winlogon.exe |
Linear-Darstellung
