Trojaner: Win32/Trojan Downloader.Nymaim.BA Trojaner eingefangen; mit der Bitte um Hilfe:

wma927 · 12.01.2017, 17:59

Anhang 79613.....wahrscheinlich beim Installieren von einigen free-ware Chrome-Erweiterungen (inzwischen gelöscht) ; darüber hinaus habe ich den Laptop mehrfach komplett durchgescannt und neu gebootet; aber es öffnen sich nach wie vor im Sekundentakt neue Web.Fenster - meist Seiten, die angeblich von Microsoft empfohlene PC-Reinigungsseiten empfehlen, aber auch 'klassische', wie Tradeexchange oder Alibaba..

das sagt mein Virus-Summary (Avira free, neuestes Update): (copy & paste)

Name TR/Dropper.kvqdz
Date discovered Jan 5, 2017
VDF version 7.12.144.182 (2017-01-05 11:23)

The term 'TR' denotes a trojan horse that is able to spy out data, violate your privacy, or perform unwanted modifications to the system.

VDF
7.12.144.182 (2017-01-05 11:23)
Aliases
ESET: Win32/TrojanDownloader.Nymaim.BA trojan

den Log hab ich via Farbar Recovery Scan Tool nach Euren Angaben erstellt - hier attached.
Könnt Ihr mir helfen?

1000 Dank vorab und nachträglich ein Gutes Neues,
Walburga

cosinus · 13.01.2017, 10:13

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

wma927 · 13.01.2017, 17:00

Danke für die schnelle Antwort und sorry für die Attachments - ich wollte das noch korrigieren, aber dann hat meine'Maschine' sich geweigert ;(
hier die beiden Dateien- ich hoffe, das hilft Ihnen (und mir) weiter ...
Walburga

Avira Log:

Code:

ATTFilter

Free Antivirus
Report file date: Donnerstag, 12. Januar 2017  15:46


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Free
Serial number   : 0000149996-AVHOE-0000001
Platform        : Windows 8.1
Windows version : (plain)  [6.3.9600]
Boot mode       : Normally booted
Username        : W
Computer name   : ASUS-KLEIN

Version information:
build.dat       : 15.0.24.146    92768 Bytes  06.12.2016 16:01:00
AVSCAN.EXE      : 15.0.24.145  1483568 Bytes  12.12.2016 17:03:10
AVSCANRC.DLL    : 15.0.24.119    54456 Bytes  12.12.2016 17:03:10
LUKE.DLL        : 15.0.24.145    80208 Bytes  12.12.2016 17:03:14
AVSCPLR.DLL     : 15.0.24.145   143032 Bytes  12.12.2016 17:03:11
REPAIR.DLL      : 15.0.24.143   689952 Bytes  12.12.2016 17:03:10
repair.rdf      : 1.0.23.52    1850625 Bytes  12.01.2017 10:42:48
AVREG.DLL       : 15.0.24.143   427848 Bytes  12.12.2016 17:03:10
avlode.dll      : 15.0.24.146   804792 Bytes  12.12.2016 17:03:10
avlode.rdf      : 14.0.5.76     143349 Bytes  24.11.2016 15:47:21
XBV00010.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00011.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00012.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00013.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00014.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00015.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00016.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00017.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00018.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00019.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00020.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00021.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00022.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00023.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00024.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00025.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00026.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00027.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00028.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:27
XBV00029.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00030.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00031.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00032.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00033.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00034.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00035.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00036.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00037.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00038.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00039.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00040.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00041.VDF    : 8.12.107.34     2048 Bytes  27.07.2016 06:08:28
XBV00184.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00185.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00186.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00187.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00188.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00189.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00190.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00191.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00192.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00193.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00194.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00195.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00196.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00197.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00198.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00199.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00200.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00201.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00202.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00203.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00204.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00205.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00206.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00207.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00208.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00209.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00210.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00211.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00212.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00213.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00214.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00215.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00216.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00217.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00218.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00219.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00220.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00221.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00222.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00223.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00224.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00225.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00226.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00227.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00228.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00229.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00230.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00231.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00232.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00233.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00234.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00235.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00236.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00237.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00238.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00239.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00240.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00241.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00242.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00243.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00244.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00245.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00246.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00247.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00248.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00249.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00250.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:16
XBV00251.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:17
XBV00252.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:17
XBV00253.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:17
XBV00254.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:17
XBV00255.VDF    : 8.12.143.24     2048 Bytes  25.12.2016 09:10:17
XBV00000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 06:37:48
XBV00001.VDF    : 7.11.237.0  48041984 Bytes  02.06.2015 04:50:53
XBV00002.VDF    : 7.12.106.228 44941312 Bytes  27.07.2016 06:08:26
XBV00003.VDF    : 8.12.113.174  5299200 Bytes  22.08.2016 04:51:09
XBV00004.VDF    : 8.12.118.140  3998720 Bytes  15.09.2016 18:51:29
XBV00005.VDF    : 8.12.125.14  6024704 Bytes  11.10.2016 21:24:38
XBV00006.VDF    : 8.12.132.226  5180928 Bytes  09.11.2016 08:40:36
XBV00007.VDF    : 8.12.133.244  1884672 Bytes  16.11.2016 11:34:16
XBV00008.VDF    : 8.12.137.174  2475008 Bytes  26.11.2016 10:52:03
XBV00009.VDF    : 8.12.143.24  5520384 Bytes  25.12.2016 09:10:13
XBV00042.VDF    : 8.12.143.34    13312 Bytes  25.12.2016 09:10:13
XBV00043.VDF    : 8.12.143.44     2048 Bytes  25.12.2016 11:10:11
XBV00044.VDF    : 8.12.143.54    18432 Bytes  25.12.2016 13:10:18
XBV00045.VDF    : 8.12.143.64    15360 Bytes  25.12.2016 15:10:12
XBV00046.VDF    : 8.12.143.66    13312 Bytes  25.12.2016 17:10:17
XBV00047.VDF    : 8.12.143.68   108032 Bytes  26.12.2016 09:10:17
XBV00048.VDF    : 8.12.143.70     9728 Bytes  26.12.2016 11:10:21
XBV00049.VDF    : 8.12.143.72    12800 Bytes  26.12.2016 11:10:21
XBV00050.VDF    : 8.12.143.74     8704 Bytes  26.12.2016 13:10:19
XBV00051.VDF    : 8.12.143.76     8704 Bytes  26.12.2016 13:10:19
XBV00052.VDF    : 8.12.143.78     9728 Bytes  26.12.2016 15:10:19
XBV00053.VDF    : 8.12.143.80     8192 Bytes  26.12.2016 15:10:19
XBV00054.VDF    : 8.12.143.82     2560 Bytes  26.12.2016 17:10:19
XBV00055.VDF    : 8.12.143.84   100352 Bytes  27.12.2016 07:10:20
XBV00056.VDF    : 8.12.143.86    10240 Bytes  27.12.2016 09:10:23
XBV00057.VDF    : 8.12.143.88     9728 Bytes  27.12.2016 11:10:21
XBV00058.VDF    : 8.12.143.90    16896 Bytes  27.12.2016 11:10:21
XBV00059.VDF    : 8.12.143.92    16384 Bytes  27.12.2016 15:10:22
XBV00060.VDF    : 8.12.143.94    16896 Bytes  27.12.2016 15:10:22
XBV00061.VDF    : 8.12.143.96    11264 Bytes  27.12.2016 17:10:22
XBV00062.VDF    : 8.12.143.106    10752 Bytes  27.12.2016 17:10:22
XBV00063.VDF    : 8.12.143.114    10240 Bytes  27.12.2016 19:10:22
XBV00064.VDF    : 8.12.143.122     9728 Bytes  27.12.2016 19:10:22
XBV00065.VDF    : 8.12.143.130    11264 Bytes  27.12.2016 19:10:22
XBV00066.VDF    : 8.12.143.138    10240 Bytes  27.12.2016 21:10:23
XBV00067.VDF    : 8.12.143.146    10240 Bytes  27.12.2016 21:10:23
XBV00068.VDF    : 8.12.143.148    12800 Bytes  27.12.2016 07:10:23
XBV00069.VDF    : 8.12.143.152   103424 Bytes  28.12.2016 07:10:23
XBV00070.VDF    : 8.12.143.154    67584 Bytes  28.12.2016 13:10:24
XBV00071.VDF    : 8.12.143.156    31744 Bytes  28.12.2016 15:10:24
XBV00072.VDF    : 8.12.143.160    37376 Bytes  28.12.2016 17:10:29
XBV00073.VDF    : 8.12.143.162    32768 Bytes  28.12.2016 19:10:25
XBV00074.VDF    : 8.12.143.164    32256 Bytes  28.12.2016 19:10:25
XBV00075.VDF    : 8.12.143.166    23552 Bytes  28.12.2016 21:10:29
XBV00076.VDF    : 8.12.143.168    36352 Bytes  28.12.2016 23:10:28
XBV00077.VDF    : 8.12.143.184   141824 Bytes  29.12.2016 07:10:37
XBV00078.VDF    : 8.12.143.192    79872 Bytes  29.12.2016 19:36:09
XBV00079.VDF    : 8.12.143.200    25600 Bytes  29.12.2016 19:36:09
XBV00080.VDF    : 8.12.143.208    20992 Bytes  29.12.2016 19:36:09
XBV00081.VDF    : 8.12.143.216    20992 Bytes  29.12.2016 19:36:09
XBV00082.VDF    : 8.12.143.218     9728 Bytes  29.12.2016 19:36:09
XBV00083.VDF    : 8.12.143.220    30720 Bytes  29.12.2016 19:36:09
XBV00084.VDF    : 8.12.143.224   125952 Bytes  30.12.2016 19:36:09
XBV00085.VDF    : 8.12.143.236    43520 Bytes  30.12.2016 19:36:09
XBV00086.VDF    : 8.12.143.242    22016 Bytes  30.12.2016 19:36:09
XBV00087.VDF    : 8.12.143.248    15872 Bytes  30.12.2016 19:36:09
XBV00088.VDF    : 8.12.143.254    10752 Bytes  30.12.2016 19:36:09
XBV00089.VDF    : 8.12.144.4     22016 Bytes  30.12.2016 19:36:09
XBV00090.VDF    : 8.12.144.6     20480 Bytes  30.12.2016 19:36:09
XBV00091.VDF    : 8.12.144.8     17920 Bytes  30.12.2016 19:36:09
XBV00092.VDF    : 8.12.144.10    50688 Bytes  30.12.2016 19:36:10
XBV00093.VDF    : 8.12.144.14   140288 Bytes  31.12.2016 19:36:10
XBV00094.VDF    : 8.12.144.16    11264 Bytes  31.12.2016 19:36:10
XBV00095.VDF    : 8.12.144.18     2048 Bytes  31.12.2016 19:36:10
XBV00096.VDF    : 8.12.144.20    49152 Bytes  31.12.2016 19:36:10
XBV00097.VDF    : 8.12.144.22   125952 Bytes  01.01.2017 19:36:10
XBV00098.VDF    : 8.12.144.24     2048 Bytes  01.01.2017 19:36:10
XBV00099.VDF    : 8.12.144.30    22016 Bytes  01.01.2017 19:36:10
XBV00100.VDF    : 8.12.144.34    14336 Bytes  01.01.2017 19:36:10
XBV00101.VDF    : 8.12.144.38    15360 Bytes  01.01.2017 19:36:10
XBV00102.VDF    : 8.12.144.42    31232 Bytes  01.01.2017 19:36:10
XBV00103.VDF    : 8.12.144.56   107520 Bytes  02.01.2017 19:36:10
XBV00104.VDF    : 8.12.144.66     3072 Bytes  02.01.2017 19:36:10
XBV00105.VDF    : 8.12.144.76    41472 Bytes  02.01.2017 19:36:10
XBV00106.VDF    : 8.12.144.86    14336 Bytes  02.01.2017 19:36:10
XBV00107.VDF    : 8.12.144.96    13312 Bytes  02.01.2017 19:36:10
XBV00108.VDF    : 8.12.144.106     7168 Bytes  02.01.2017 08:02:45
XBV00109.VDF    : 8.12.144.108   150016 Bytes  03.01.2017 08:02:45
XBV00110.VDF    : 8.12.144.110    19968 Bytes  03.01.2017 10:02:47
XBV00111.VDF    : 8.12.144.112    23040 Bytes  03.01.2017 12:02:46
XBV00112.VDF    : 8.12.144.114    20992 Bytes  03.01.2017 12:02:46
XBV00113.VDF    : 8.12.144.118    75264 Bytes  03.01.2017 20:02:46
XBV00114.VDF    : 8.12.144.120    32768 Bytes  03.01.2017 22:02:47
XBV00115.VDF    : 8.12.144.122    36352 Bytes  03.01.2017 08:02:48
XBV00116.VDF    : 8.12.144.124     4096 Bytes  03.01.2017 08:02:48
XBV00117.VDF    : 8.12.144.126    99840 Bytes  04.01.2017 08:02:48
XBV00118.VDF    : 8.12.144.136    29696 Bytes  04.01.2017 12:02:47
XBV00119.VDF    : 8.12.144.144    28160 Bytes  04.01.2017 12:02:47
XBV00120.VDF    : 8.12.144.152    21504 Bytes  04.01.2017 14:02:49
XBV00121.VDF    : 8.12.144.162   132608 Bytes  04.01.2017 00:02:50
XBV00122.VDF    : 8.12.144.170    32256 Bytes  04.01.2017 00:02:50
XBV00123.VDF    : 8.12.144.180   126976 Bytes  05.01.2017 09:23:45
XBV00124.VDF    : 8.12.144.182    49152 Bytes  05.01.2017 13:23:42
XBV00125.VDF    : 8.12.144.192    97280 Bytes  05.01.2017 07:23:43
XBV00126.VDF    : 8.12.144.200     5632 Bytes  05.01.2017 07:23:43
XBV00127.VDF    : 8.12.144.208     2048 Bytes  05.01.2017 07:23:43
XBV00128.VDF    : 8.12.144.216     2048 Bytes  05.01.2017 07:23:43
XBV00129.VDF    : 8.12.144.224     2048 Bytes  05.01.2017 07:23:43
XBV00130.VDF    : 8.12.144.232     2048 Bytes  06.01.2017 07:23:43
XBV00131.VDF    : 8.12.144.240     2048 Bytes  06.01.2017 07:23:43
XBV00132.VDF    : 8.12.144.250    34304 Bytes  06.01.2017 07:23:43
XBV00133.VDF    : 8.12.145.2     95744 Bytes  06.01.2017 13:23:44
XBV00134.VDF    : 8.12.145.10    29696 Bytes  06.01.2017 13:23:44
XBV00135.VDF    : 8.12.145.18    16384 Bytes  06.01.2017 19:23:46
XBV00136.VDF    : 8.12.145.26    76288 Bytes  06.01.2017 19:23:47
XBV00137.VDF    : 8.12.145.34    25088 Bytes  06.01.2017 21:23:47
XBV00138.VDF    : 8.12.145.42    16896 Bytes  06.01.2017 21:23:47
XBV00139.VDF    : 8.12.145.52   148992 Bytes  07.01.2017 09:46:51
XBV00140.VDF    : 8.12.145.60    15360 Bytes  07.01.2017 09:46:51
XBV00141.VDF    : 8.12.145.66    24064 Bytes  07.01.2017 11:46:51
XBV00142.VDF    : 8.12.145.72    17920 Bytes  07.01.2017 13:46:51
XBV00143.VDF    : 8.12.145.78    19968 Bytes  07.01.2017 15:46:52
XBV00144.VDF    : 8.12.145.80    13312 Bytes  07.01.2017 15:46:53
XBV00145.VDF    : 8.12.145.82   124928 Bytes  08.01.2017 09:46:54
XBV00146.VDF    : 8.12.145.84     6656 Bytes  08.01.2017 11:46:54
XBV00147.VDF    : 8.12.145.86     8704 Bytes  08.01.2017 11:46:54
XBV00148.VDF    : 8.12.145.88     6144 Bytes  08.01.2017 13:46:54
XBV00149.VDF    : 8.12.145.90     5120 Bytes  08.01.2017 13:46:54
XBV00150.VDF    : 8.12.145.92     5632 Bytes  08.01.2017 15:46:55
XBV00151.VDF    : 8.12.145.96    46592 Bytes  09.01.2017 07:46:58
XBV00152.VDF    : 8.12.145.98     5632 Bytes  09.01.2017 07:46:58
XBV00153.VDF    : 8.12.145.100     5120 Bytes  09.01.2017 09:46:57
XBV00154.VDF    : 8.12.145.102     6144 Bytes  09.01.2017 19:46:58
XBV00155.VDF    : 8.12.145.104     6656 Bytes  09.01.2017 19:46:58
XBV00156.VDF    : 8.12.145.108   140288 Bytes  09.01.2017 19:46:58
XBV00157.VDF    : 8.12.145.114    36352 Bytes  09.01.2017 21:47:00
XBV00158.VDF    : 8.12.145.120    32256 Bytes  09.01.2017 21:47:00
XBV00159.VDF    : 8.12.145.126    13824 Bytes  09.01.2017 23:46:59
XBV00160.VDF    : 8.12.145.132   121344 Bytes  10.01.2017 07:47:01
XBV00161.VDF    : 8.12.145.134    27136 Bytes  10.01.2017 07:47:01
XBV00162.VDF    : 8.12.145.136    16384 Bytes  10.01.2017 09:47:02
XBV00163.VDF    : 8.12.145.138    30720 Bytes  10.01.2017 11:47:02
XBV00164.VDF    : 8.12.145.140    40448 Bytes  10.01.2017 13:47:02
XBV00165.VDF    : 8.12.145.142    22016 Bytes  10.01.2017 15:47:03
XBV00166.VDF    : 8.12.145.144    17408 Bytes  10.01.2017 17:47:03
XBV00167.VDF    : 8.12.145.150    15360 Bytes  10.01.2017 17:47:03
XBV00168.VDF    : 8.12.145.154    14336 Bytes  10.01.2017 19:47:09
XBV00169.VDF    : 8.12.145.158    12800 Bytes  10.01.2017 19:47:09
XBV00170.VDF    : 8.12.145.162    24576 Bytes  10.01.2017 21:47:04
XBV00171.VDF    : 8.12.145.166    27136 Bytes  10.01.2017 21:47:04
XBV00172.VDF    : 8.12.145.172   142848 Bytes  11.01.2017 07:47:04
XBV00173.VDF    : 8.12.145.174    64000 Bytes  11.01.2017 13:47:04
XBV00174.VDF    : 8.12.145.176    48128 Bytes  11.01.2017 13:47:05
XBV00175.VDF    : 8.12.145.180    46592 Bytes  11.01.2017 15:47:09
XBV00176.VDF    : 8.12.145.188    29696 Bytes  11.01.2017 08:42:50
XBV00177.VDF    : 8.12.145.192    18432 Bytes  11.01.2017 08:42:50
XBV00178.VDF    : 8.12.145.196    25088 Bytes  11.01.2017 08:42:50
XBV00179.VDF    : 8.12.145.200   153088 Bytes  12.01.2017 08:42:51
XBV00180.VDF    : 8.12.145.202     2048 Bytes  12.01.2017 08:42:51
XBV00181.VDF    : 8.12.145.204    52736 Bytes  12.01.2017 10:42:48
XBV00182.VDF    : 8.12.145.206    40960 Bytes  12.01.2017 14:42:44
XBV00183.VDF    : 8.12.145.208    25600 Bytes  12.01.2017 14:42:44
LOCAL001.VDF    : 8.12.145.208 197998080 Bytes  12.01.2017 14:43:00
Engine version  : 8.3.42.134
AEBB.DLL        : 8.1.3.0        59296 Bytes  19.11.2015 19:10:23
AECORE.DLL      : 8.3.12.4      247720 Bytes  21.03.2016 13:10:04
AECRYPTO.DLL    : 8.2.1.0       129904 Bytes  14.10.2016 10:11:47
AEDROID.DLL     : 8.4.3.392    2746280 Bytes  16.11.2016 13:34:16
AEEMU.DLL       : 8.1.3.8       404328 Bytes  18.03.2016 11:09:45
AEEXP.DLL       : 8.4.4.4       333728 Bytes  20.12.2016 15:09:49
AEGEN.DLL       : 8.1.8.300     654192 Bytes  10.01.2017 11:47:02
AEHELP.DLL      : 8.3.2.12      284584 Bytes  27.12.2016 11:10:21
AEHEUR.DLL      : 8.1.4.2642  10676136 Bytes  02.01.2017 19:36:12
AELIBINF.DLL    : 8.2.1.4        68464 Bytes  12.05.2016 09:27:42
AEMOBILE.DLL    : 8.1.18.2      346992 Bytes  27.12.2016 11:10:21
AEOFFICE.DLL    : 8.3.6.134     591784 Bytes  28.12.2016 13:10:24
AEPACK.DLL      : 8.4.2.36      809720 Bytes  07.12.2016 22:35:12
AERDL.DLL       : 8.2.1.52      813928 Bytes  27.12.2016 11:10:21
AESBX.DLL       : 8.2.22.6     1632160 Bytes  12.12.2016 15:03:03
AESCN.DLL       : 8.3.4.6       141216 Bytes  04.05.2016 14:00:42
AESCRIPT.DLL    : 8.3.2.34      801528 Bytes  11.01.2017 15:47:09
AEVDF.DLL       : 8.3.3.4       142184 Bytes  21.03.2016 13:10:04
AVWINLL.DLL     : 15.0.24.119    29200 Bytes  12.12.2016 17:03:08
AVPREF.DLL      : 15.0.24.119    53944 Bytes  12.12.2016 17:03:10
AVREP.DLL       : 15.0.24.119   223400 Bytes  12.12.2016 17:03:10
AVARKT.DLL      : 15.0.24.119   230544 Bytes  12.12.2016 17:03:09
SQLITE3.DLL     : 15.0.24.119   459752 Bytes  12.12.2016 17:03:15
AVSMTP.DLL      : 15.0.24.119    80200 Bytes  12.12.2016 17:03:11
NETNT.DLL       : 15.0.24.119    16880 Bytes  12.12.2016 17:03:15
CommonImageRc.dll: 15.0.24.143  3836560 Bytes  12.12.2016 17:03:09
CommonTextRc.dll: 15.0.24.119    71400 Bytes  12.12.2016 17:03:09

Configuration settings for the scan:
Jobname.............................: Full scan
Configuration file..................: C:\Program Files (x86)\Avira\Antivirus\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Skipped files.......................: 

Start of the scan: Donnerstag, 12. Januar 2017  15:46

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
    [INFO]      No virus was found!

Starting search for hidden objects.
Skipped boot sector scan due to incompatible format.

The scan of running processes will be started:
Scan process 'svchost.exe' - '56' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'ASCService.exe' - '57' Module(s) have been scanned
Scan process 'dwm.exe' - '39' Module(s) have been scanned
Scan process 'ascavsvc.exe' - '41' Module(s) have been scanned
Scan process 'Suo12_StartupManager.exe' - '54' Module(s) have been scanned
Scan process 'IMFsrv.exe' - '43' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '99' Module(s) have been scanned
Scan process 'svchost.exe' - '169' Module(s) have been scanned
Scan process 'svchost.exe' - '68' Module(s) have been scanned
Scan process 'nvxdsync.exe' - '55' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '62' Module(s) have been scanned
Scan process 'svchost.exe' - '126' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '60' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '68' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '25' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '15' Module(s) have been scanned
Scan process 'spoolsv.exe' - '92' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'sched.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '80' Module(s) have been scanned
Scan process 'avguard.exe' - '108' Module(s) have been scanned
Scan process 'AsusWSWinService.exe' - '59' Module(s) have been scanned
Scan process 'adminservice.exe' - '28' Module(s) have been scanned
Scan process 'OfficeClickToRun.exe' - '66' Module(s) have been scanned
Scan process 'DbxSvc.exe' - '21' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'dashost.exe' - '57' Module(s) have been scanned
Scan process 'esif_uf.exe' - '27' Module(s) have been scanned
Scan process 'IUService.exe' - '49' Module(s) have been scanned
Scan process 'LiveUpdate.exe' - '44' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '33' Module(s) have been scanned
Scan process 'SMService.exe' - '44' Module(s) have been scanned
Scan process 'svchost.exe' - '55' Module(s) have been scanned
Scan process 'Ath_CoexAgent.exe' - '33' Module(s) have been scanned
Scan process 'Avira.ServiceHost.exe' - '109' Module(s) have been scanned
Scan process 'avshadow.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'svchost.exe' - '26' Module(s) have been scanned
Scan process 'DllHost.exe' - '25' Module(s) have been scanned
Scan process 'HPSupportSolutionsFrameworkService.exe' - '84' Module(s) have been scanned
Scan process 'IntelMeFWService.exe' - '22' Module(s) have been scanned
Scan process 'jhi_service.exe' - '28' Module(s) have been scanned
Scan process 'LMS.exe' - '59' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '61' Module(s) have been scanned
Scan process 'HControl.exe' - '43' Module(s) have been scanned
Scan process 'esif_assist_64.exe' - '16' Module(s) have been scanned
Scan process 'taskeng.exe' - '28' Module(s) have been scanned
Scan process 'Monitor.exe' - '78' Module(s) have been scanned
Scan process 'Explorer.EXE' - '221' Module(s) have been scanned
Scan process 'SmartDefrag.exe' - '84' Module(s) have been scanned
Scan process 'taskhostex.exe' - '43' Module(s) have been scanned
Scan process 'KBFiltr.exe' - '23' Module(s) have been scanned
Scan process 'ACMON.exe' - '54' Module(s) have been scanned
Scan process 'USBChargerPlus.exe' - '40' Module(s) have been scanned
Scan process 'ColorUService.exe' - '54' Module(s) have been scanned
Scan process 'ClassicStart.exe' - '115' Module(s) have been scanned
Scan process 'BatteryLife.exe' - '54' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '55' Module(s) have been scanned
Scan process 'DMedia.exe' - '35' Module(s) have been scanned
Scan process 'ATKOSD2.exe' - '40' Module(s) have been scanned
Scan process 'LiveComm.exe' - '94' Module(s) have been scanned
Scan process 'skydrive.exe' - '94' Module(s) have been scanned
Scan process 'StartMenu_Hook.exe' - '48' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '41' Module(s) have been scanned
Scan process 'InstallServices.exe' - '52' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '69' Module(s) have been scanned
Scan process 'AsusTPLoader.exe' - '40' Module(s) have been scanned
Scan process 'QuickGesture64.exe' - '31' Module(s) have been scanned
Scan process 'QuickGesture.exe' - '35' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '30' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '34' Module(s) have been scanned
Scan process 'BtvStack.exe' - '107' Module(s) have been scanned
Scan process 'ActivateDesktop.exe' - '37' Module(s) have been scanned
Scan process 'igfxpers.exe' - '34' Module(s) have been scanned
Scan process 'igfxtray.exe' - '33' Module(s) have been scanned
Scan process 'DptfPolicyLpmServiceHelper.exe' - '14' Module(s) have been scanned
Scan process 'CAudioFilterAgent64.exe' - '33' Module(s) have been scanned
Scan process 'SmartAudio.exe' - '107' Module(s) have been scanned
Scan process 'BlackBerryLink.exe' - '170' Module(s) have been scanned
Scan process 'BlackBerryLink.Helper.exe' - '111' Module(s) have been scanned
Scan process 'BlackBerryLink.AutoUpdate.exe' - '92' Module(s) have been scanned
Scan process 'PeerManager.exe' - '69' Module(s) have been scanned
Scan process 'ScanToPCActivationApp.exe' - '60' Module(s) have been scanned
Scan process 'BbDevMgr.exe' - '47' Module(s) have been scanned
Scan process 'tunmgr.exe' - '58' Module(s) have been scanned
Scan process 'aprp.exe' - '33' Module(s) have been scanned
Scan process 'ASUSWSLoader.exe' - '21' Module(s) have been scanned
Scan process 'RIMBBLaunchAgent.exe' - '52' Module(s) have been scanned
Scan process 'RIMDeviceManager.exe' - '79' Module(s) have been scanned
Scan process 'avgnt.exe' - '75' Module(s) have been scanned
Scan process 'hpwuschd2.exe' - '24' Module(s) have been scanned
Scan process 'Dropbox.exe' - '187' Module(s) have been scanned
Scan process 'Avira.Systray.exe' - '88' Module(s) have been scanned
Scan process 'ASCTray.exe' - '58' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '35' Module(s) have been scanned
Scan process 'IMF.exe' - '94' Module(s) have been scanned
Scan process 'nginx.exe' - '31' Module(s) have been scanned
Scan process 'nginx.exe' - '43' Module(s) have been scanned
Scan process 'conhost.exe' - '15' Module(s) have been scanned
Scan process 'SettingSyncHost.exe' - '62' Module(s) have been scanned
Scan process 'avcenter.exe' - '122' Module(s) have been scanned
Scan process 'HPNetworkCommunicator.exe' - '48' Module(s) have been scanned
Scan process 'avconfig.exe' - '99' Module(s) have been scanned
Scan process 'avscan.exe' - '84' Module(s) have been scanned
Scan process 'avscan.exe' - '117' Module(s) have been scanned
Scan process 'vssvc.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'wininit.exe' - '15' Module(s) have been scanned
Scan process 'winlogon.exe' - '28' Module(s) have been scanned
Scan process 'lsass.exe' - '70' Module(s) have been scanned

Starting to scan executable files (registry):
The registry was scanned ( '1491' files ).


Starting the file scan:

Begin scan in 'C:\' <OS>
Successful Cloud SDK initialization and license check.
The file 'C:\eSupport\eDriver\Software\Mcafee\Mcafee\Win81_32_Win81_64_12.8.934\RunOnSys32.exe' was scanned with the Protection Cloud. SHA256 = D106C45B517F2B34806B89AB1B9BD9A5D422B4C6A18617C3C87C55E9FAACF84A
The file 'C:\eSupport\eDriver\Software\Modern_Application\Intel\Intel_Experience_Center\Win8_32_Win8_64_Win81_32_Win81_64_1.7.1.54\IECAP\InstAppx.exe' was scanned with the Protection Cloud. SHA256 = 5C2CADBECD4D6EBD91308840680E7DB680977450908567B8CB7621C94704C03D
The file 'C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_Win8_64_Win81_64_12.8.5.1000\IRSTPatch.exe' was scanned with the Protection Cloud. SHA256 = 2FC3D26799DAAFE8F4F3473CF03C6940A5916FDAB361550B85FF44C4D9BF6988
The file 'C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_Win8_64_Win81_64_12.8.5.1000\OverWriteSys.exe' was scanned with the Protection Cloud. SHA256 = B23F018B467C6ABD1DADEE4FFBD022364DFA46DE2531E92CA4383BC8D8A6B606
The file 'C:\eSupport\eDriver\Software\Touchpad\ASUS\AsusSmartGesture\XP32_Win7_32_Win7_64_Win8_32_Win8_64_Win81_32_Win81_64_2.2.8\Disable3Fun.exe' was scanned with the Protection Cloud. SHA256 = 588CD04F996A0F24BE632BB1F5375E775CF74D98AE385277FF6A2BFFAAF86CD4
The file 'C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe' was scanned with the Protection Cloud. SHA256 = 3A17BAB208532EB60BCC9F84D2C15684CC668F00FCEDB7D5F52F134522922AB2
The file 'C:\Program Files (x86)\BalTax 2014\.install4j\i4jinst.dll' was scanned with the Protection Cloud. SHA256 = B066DC39D9A775EF288B2C054FF2A4583C5A27526A770F3FE02D8256DB29AB9F
The file 'C:\Program Files (x86)\Common Files\AWS\2.1.2.301\AsusWSShellExt.dll' was scanned with the Protection Cloud. SHA256 = 9A3FFBFF1F15B97B858A2E17CEE814D9ABBABE3B488BD43CFF5BDDECED6BF8BC
The file 'C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Dashlane_Launcher.exe' was found in the cache; the Protection Cloud scan was skipped. SHA256 = DDB348B0443D540A6E72477B111B50B094ADCD490872C4786ACBDCD093E07F8D
The file 'C:\Program Files (x86)\IObit\IObit Malware Fighter\Dashlane_Launcher.exe' was scanned with the Protection Cloud. SHA256 = DDB348B0443D540A6E72477B111B50B094ADCD490872C4786ACBDCD093E07F8D
The file 'C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFInstaller.exe' was scanned with the Protection Cloud. SHA256 = 08DE794BE425CB026FC413590B36908DE82247DCE86F0EE590CCFBC2D0289646
The file 'C:\Program Files (x86)\IObit\Smart Defrag\Dashlane_Launcher.exe' was scanned with the Protection Cloud. SHA256 = DDB348B0443D540A6E72477B111B50B094ADCD490872C4786ACBDCD093E07F8D
The file 'C:\Program Files (x86)\IObit\Smart Defrag\SDInstaller.exe' was scanned with the Protection Cloud. SHA256 = 7141D03EE2FA63665B840E908418F4274B21ED45CCD9A60571099C8477EA48B7
The file 'C:\ProgramData\IObit\ASCDownloader\av10\Smart Defrag.exe' was scanned with the Protection Cloud. SHA256 = FE42B97ACB97C55EB68D744EF9F089B61AD6EEFEA1CE6767D117AAAE33BAB1F5
The file 'C:\Users\W\Downloads\smart-defrag-setup.exe' was scanned with the Protection Cloud. SHA256 = 7F96E547280DE901C994F29873DBB4F04FC34AE17423E3C76DC352CE58CB44B2
The file 'C:\Users\W\Downloads\WebStorageSyncAgent2.2.4.537.exe' was scanned with the Protection Cloud. SHA256 = 2391DE959147653199217430FE64F0E90D7C8907DF37111E4E09EDE7F76BB3C0
Begin scan in 'D:\' <Data>


End of the scan: Donnerstag, 12. Januar 2017  16:19
Used time: 33:22 Minute(s)

The scan has been done completely.

  59777 Scanned directories
 1031179 Files were scanned
      0 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 1031179 Files not concerned
  13289 Archives were scanned
      0 Warnings
      0 Notes
   2160 Objects were scanned with rootkit scan
      0 Hidden objects were found

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von W (2017-01-12 17:06:24)
Gestartet von C:\Users\W\Desktop
Windows 8.1 (X64) (2015-03-13 17:07:21)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4242665128-3801008343-3756527368-500 - Administrator - Disabled)
Gast (S-1-5-21-4242665128-3801008343-3756527368-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4242665128-3801008343-3756527368-1003 - Limited - Enabled)
W (S-1-5-21-4242665128-3801008343-3756527368-1001 - Administrator - Enabled) => C:\Users\W
WalburgaA (S-1-5-21-4242665128-3801008343-3756527368-1004 - Limited - Enabled) => C:\Users\WalburgaA
WalburgaA_2 (S-1-5-21-4242665128-3801008343-3756527368-1005 - Limited - Enabled) => C:\Users\WalburgaA_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 9 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 7.0.3 - IObit)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.145.43581 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.145.43581 - Alcor Micro Corp.) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.2.3.19655 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.1.0.4242 - Avira Operations GmbH & Co. KG)
BalTax 2014 10.3.0 (HKLM-x32\...\6456-0709-2578-5305) (Version: 10.3.0 - Information Factory AG)
BlackBerry 10 Desktop Software (HKLM-x32\...\{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.3.0 - Conexant)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 17.4.33 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4885.1001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Graphics Driver 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Spotify (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.1.2 - IObit)
Viber (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

12-01-2017 16:43:36 Avira System Speedup 1.0.0

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0342BFFA-1607-4B26-A43C-C4AA152AA97C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {0FEE4DC3-3CAA-479F-9417-6AF1D462FAEF} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit)
Task: {1401C5ED-FB6B-4CC7-ACA4-1B63F7BE8D66} - System32\Tasks\ASCU10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2016-12-14] (IObit)
Task: {160B2967-201E-4798-AF01-110AA11799C4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {1B188FBC-CBE6-45C3-A213-D566E6BBCFB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {1E8610D1-DAAD-45EE-AEF9-60CF36C57CF4} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {246C0A6B-6A80-442C-A94D-5FBCCBD34064} - \Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-500 -> Keine Datei <==== ACHTUNG
Task: {2910A9B7-00AD-4EEB-B6C9-927B25E7E0E9} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [2016-11-15] ()
Task: {2C3EBB37-E372-47BF-AA9B-7344DB5F624D} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {2D3F43BE-DB01-43CC-B9FF-47575B2433F1} - System32\Tasks\ASCU8_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: {2EA02241-0B03-408F-B83B-7C902900B8FF} - System32\Tasks\Uninstaller_SkipUac_W => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-04] (IObit)
Task: {364E78CB-8F52-46BE-B238-EC7BF0F7960C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {39608701-DBEC-4F19-8A9F-2B3FD009FCF3} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {3DBB24AE-FDCE-4666-BC02-9FDB77BFF611} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {3DD3B6F9-E321-4828-A255-7D7F6CECE88D} - System32\Tasks\HPCeeScheduleForW => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {40831A6D-1DBD-4094-8BDC-DB6537DF6ACC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {4695E224-12EF-44AD-AE15-C75A4DB9C1D6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {4845DFF6-45BE-4901-A88B-766B40B6C531} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {48DFFBFB-C1E4-43FB-AAB0-772F322E9EE4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-12] (Microsoft Corporation)
Task: {4C904833-F10F-42DD-B018-9099D51B5A86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5110E657-D3DD-416A-96ED-FB9A4021657D} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {5A608E78-575C-41FA-ABFD-339F9A1A1EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5CA7B546-0C0E-41B5-A83C-61A8B2F9FE8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {6B06E695-1468-45F2-8107-2002312A5B8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {7A92A124-AB57-4689-BDC1-D338DCAF4A61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {83CA6AC7-F7C8-4DC2-8F60-BBC037B4AA48} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {855DE6AB-33A8-400D-939E-7BE1F1AE7654} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {86178183-17F5-4BA7-BC6E-4E390CF63EDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {8644FDE7-79EA-43C5-97D6-934D3EBD2566} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {897683C6-A75D-409F-91A3-52D8255EB8AE} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {9299B6E3-66BA-4356-9840-2A58827B6EBC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {98DA2E9F-F07E-4B07-AA83-BA933DA51E3A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe %windir%\system32\invagent.dll,RunUpdate
Task: {AC1AE724-565B-440F-9D99-64BD1870B476} - System32\Tasks\{C899D39E-45DD-45B2-A29B-4C51F80917CF} => pcalua.exe -a E:\setup.exe -d E:\
Task: {B06C1DC9-B956-454E-9F3E-2F18FE046042} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B7B5D5D0-1713-4348-B0A7-E98675483F7C} - System32\Tasks\Driver Booster SkipUAC (W) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {B80C527B-82B1-4B34-B2ED-109A7D3EA85B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {C733BA11-DEE8-44A5-BF13-A08E1F4ACD3A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {CCBCF2F1-69FF-436B-A04E-28836ADDD127} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {D4211F9A-2116-4A21-8804-557BCD1141BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {DAD6039A-7170-48A1-8431-23477DAF2D3E} - System32\Tasks\ASCU10_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [2016-12-16] (IObit)
Task: {E41ED4AB-AC0D-4BAC-9EAC-19CDE353F3C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {E8068A8A-1B36-4C21-B476-11564C67DC2C} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {EB4648FC-B522-4493-8324-39F7F82DEAAB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {EDDE5D09-83C0-42A4-AD95-D4910BB11DAD} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {F5AE5400-C680-4B8E-AFEE-ADC6CA9BA7C7} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASCU10_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe
Task: C:\Windows\Tasks\ASCU8_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForW.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_W.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-10-15 20:39 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-16 21:29 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2013-11-28 22:35 - 2013-11-28 22:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-11-28 22:32 - 2013-11-28 22:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-28 22:38 - 2013-11-28 22:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-03-19 12:01 - 2015-03-19 12:01 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2014-02-24 11:59 - 2014-02-24 11:59 - 00109056 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSHomeCloudAPI.dll
2016-12-04 10:19 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-01-12 13:18 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-10-15 20:35 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-12-28 11:58 - 2016-08-18 18:43 - 00442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madExcept_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madBasic_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madDisAsm_.bpl
2016-12-28 11:58 - 2016-11-01 10:11 - 00078624 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\GetProcessDLL.dll
2017-01-12 14:05 - 2016-01-11 17:03 - 00899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2017-01-12 14:05 - 2016-01-11 17:02 - 00630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2013-10-08 20:41 - 2013-10-08 20:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 18:23 - 2013-09-09 18:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2017-01-11 12:50 - 2015-12-29 11:30 - 00355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2017-01-11 12:50 - 2015-12-29 11:29 - 00190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2017-01-11 12:50 - 2015-12-29 11:30 - 00057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2017-01-11 12:50 - 2015-12-29 11:30 - 00275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2017-01-11 12:50 - 2015-12-29 11:30 - 00059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2017-01-11 12:50 - 2016-10-20 09:59 - 00631072 _____ () C:\Program Files (x86)\IObit\Classic Start\ProductStatistics.dll
2017-01-11 12:50 - 2015-12-29 11:31 - 00047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2015-03-19 15:29 - 2015-03-19 15:29 - 00055032 _____ () C:\Program Files (x86)\Common Files\XCPCSync.OEM\SyncSDK.209.604\Translators\MSOl\rMSOLDE.dll
2015-03-19 11:22 - 2015-03-19 11:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2016-09-14 11:04 - 2016-12-08 02:00 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-01-11 12:19 - 2016-12-08 02:01 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-14 11:04 - 2016-12-08 02:04 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-14 11:04 - 2016-12-08 02:01 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00021328 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00052032 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-01-11 12:19 - 2016-12-08 02:04 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00026464 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-14 11:04 - 2016-12-08 02:02 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00023384 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00019792 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00022360 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00024400 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-01-11 12:19 - 2016-12-08 01:57 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-01-11 12:19 - 2017-01-06 01:03 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-01-11 12:19 - 2017-01-06 01:04 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-14 11:04 - 2016-12-08 02:01 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020296 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2017-01-11 12:19 - 2016-12-08 02:08 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-01-11 12:19 - 2016-12-08 02:08 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-01-11 12:19 - 2017-01-06 01:04 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00024920 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-12-28 11:58 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\webres.dll
2016-12-28 11:58 - 2016-11-09 14:35 - 00631072 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ProductStatistics.dll
2017-01-12 14:10 - 2016-03-31 17:57 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
2017-01-12 14:10 - 2016-03-31 17:57 - 00188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2017-01-12 14:10 - 2016-03-31 17:57 - 00151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2017-01-12 14:10 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2016-12-04 10:19 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2016-12-04 10:19 - 2016-09-26 13:59 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2017-01-11 18:59 - 2017-01-11 18:59 - 17835096 _____ () C:\Users\W\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\W\OneDrive:ms-properties
AlternateDataStreams: C:\Users\WalburgaA\OneDrive:ms-properties
AlternateDataStreams: C:\Users\WalburgaA_2\OneDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\W\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dc 2009 cherry blossom.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Swiss Media Research => 
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Swiss Media Research"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{691CF345-DD69-404F-AF5D-6F4559782239}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{20468303-425B-4EEF-9CF2-CB9B667877CF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A36E65A0-12AE-401F-B4EB-772BF0F8E1E9}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{77F93656-1433-4630-BD7C-E720231F1DC5}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{1DE267D5-A1AF-46D6-BB84-678F68CC5E84}] => (Allow) LPort=4481
FirewallRules: [{22584053-CCF2-48FA-B4DB-17B85D4A4D99}] => (Allow) LPort=4481
FirewallRules: [{FE52E7C5-DA41-41EA-BA15-E3AAEA4110AD}] => (Allow) LPort=4482
FirewallRules: [{AD828279-8620-49EF-8955-492B1B2F638B}] => (Allow) LPort=4482
FirewallRules: [TCP Query User{82BDC133-2312-4BAF-8D46-7D68548E2438}C:\users\w\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{25AB6BF8-A186-488E-B239-C6FB6BFECC7C}C:\users\w\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4CF7D7C9-3290-48FB-8336-CC4EDBF77924}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{DA5E6717-0863-4AD6-8CB4-E350F6941D2F}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{94312F5D-797E-4DD8-B3BB-540277322EA7}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{6C4FBF2E-085C-47B2-B693-E39F9920408B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{A32968A8-76A3-4228-AF59-4C0EEA8FB02C}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{29C75D54-A4F9-4459-9812-1936D981D03F}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{C1E0DF48-FF76-4E7B-8FC9-AB3F0FC95967}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3601AE15-869E-48B2-AFCE-55E105C11061}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C3620875-5C70-4145-B20F-5293F40C2FF0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BC0F178A-5676-4D57-BE7F-50804D499185}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6EB504D7-AA49-4638-A3A0-50F3D0ADB71F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A125D56A-2E3C-458F-A69C-9E4B14FAF15B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{AA9B8A09-581B-4167-8AEB-FA3B89625855}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{B1EEAC93-F801-48D6-AC66-3C2B14074556}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A41AF319-88AA-4D4D-B37C-DC812E678C7E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{D6E05F4F-52FC-433B-B3AA-5E933AA99D67}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{FC01E046-1852-4524-A703-D2116F68448B}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{98587A68-0360-4057-8319-C1793D3D52A3}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{E05D331A-6921-4271-9622-AD1F1B469ADA}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{294EE63A-E5AB-4C08-ACB0-5EFC9B0A1A25}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{A285D6A6-BA0F-4E71-A956-C798412A53E3}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{3510B7E4-F0DA-4328-9444-37B49694C78D}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{885CCE20-D2D0-418E-A684-D7183BE6F03A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{EA57B3A8-6643-4EC8-9958-191B7015BA39}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{63D24422-F0BD-417D-B1E8-CF6972A5B421}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{785E03D9-876A-4504-8699-B3C88F6788A2}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{77F70256-B007-40A4-81B2-A97C00F0F506}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{B98762E4-1E97-46D9-88C6-D42B3DB4BF78}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{1EAD28E8-83F0-4031-A147-39D05CC7FC11}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{5B288256-58A1-446F-A369-83F9BA1276F0}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7CF04991-30DC-4C5A-8CCA-7CA75906989E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{0FC51FDA-052A-480A-BBE0-FCE7DCD3416E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{D7590519-D3F1-49B2-8B6E-E9166910CB7B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{BFD1D46B-0E6D-49C2-BA07-DB5EC992DD4E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{5E6FAF82-21B1-4AD6-A48C-E341ABA90A39}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{716992DF-C895-43E7-A1CA-E3FB78C59ACA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/12/2017 03:50:37 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain:  CreateSharedMemory() failed.
Session ID = 1

Error: (01/12/2017 03:50:37 PM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper
CreateSharedMemory:  WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed
Last error = [0x00000102]
Session ID = 1

Error: (01/12/2017 03:29:54 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmService
CreateApplicationList:  dptfFrameworkHandle is NULL.

Error: (01/12/2017 03:29:54 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmService
ConnectToDptfFrameworkDriver:  SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]

Error: (01/12/2017 03:29:54 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService
ServiceMain:  ServiceStart() failed.

Error: (01/12/2017 03:29:54 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService
ServiceStart:  ConnectToDptfFrameworkDriver() failed.

Error: (01/12/2017 03:29:54 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyCriticalService
ConnectToDptfFrameworkDriver:  SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]

Error: (01/12/2017 03:29:54 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyConfigTDPService
ServiceMain:  ServiceStart() failed.

Error: (01/12/2017 03:29:54 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyConfigTDPService
ServiceStart:  ConnectToDptfFrameworkDriver() failed.

Error: (01/12/2017 03:29:54 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyConfigTDPService
ConnectToDptfFrameworkDriver:  SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]


Systemfehler:
=============
Error: (01/12/2017 02:10:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:50:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:28:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "StartMenu8 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:18:48 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/10/2017 10:47:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/07/2017 04:52:59 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (01/06/2017 10:53:10 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/05/2017 08:53:57 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/05/2017 12:44:39 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.


CodeIntegrity:
===================================
  Date: 2017-01-11 14:21:55.135
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-10 08:10:01.950
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-07 09:28:52.157
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-05 00:58:49.397
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-05 00:50:20.220
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-05 00:32:12.912
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-05 00:02:49.162
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-04 23:56:35.478
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-04 23:53:40.418
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-08 22:44:46.179
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 8075.11 MB
Verfügbarer physikalischer RAM: 3207.91 MB
Summe virtueller Speicher: 19851.11 MB
Verfügbarer virtueller Speicher: 14078.59 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:10.67 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Data) (Fixed) (Total:121.98 GB) (Free:107.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FDF0BB21)

Partition: GPT.

==================== Ende von Addition.txt ============================

--- --- ---

cosinus · 13.01.2017, 19:01

- FRST.txt fehlt
- Logfile von Avira ohne Funde ist sinnfrei - oder gab es wirklich keine Funde?

wma927 · 13.01.2017, 23:06

ich bin mir nicht sicher, ob ich das alles a) richtig verstanden und b) korrekt runtergeladen habe...
der file müsste der addition.txt sein - zumindest steht das drauf ...

von avira versuche ich, bessere infos zu senden - möglicherweise hab ich da beim ersten Mal einen Fehler gemacht beim exportieren der Daten... schicke ich separat...
merci, Walburga

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 1
durchgeführt von W (13-01-2017 22:23:45)
Gestartet von C:\Users\W\Downloads
Windows 8.1 (Update) (X64) (2015-03-13 17:07:21)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4242665128-3801008343-3756527368-500 - Administrator - Disabled)
Gast (S-1-5-21-4242665128-3801008343-3756527368-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4242665128-3801008343-3756527368-1003 - Limited - Enabled)
W (S-1-5-21-4242665128-3801008343-3756527368-1001 - Administrator - Enabled) => C:\Users\W
WalburgaA (S-1-5-21-4242665128-3801008343-3756527368-1004 - Limited - Enabled) => C:\Users\WalburgaA
WalburgaA_2 (S-1-5-21-4242665128-3801008343-3756527368-1005 - Limited - Enabled) => C:\Users\WalburgaA_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 9 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 7.0.3 - IObit)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.145.43581 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.145.43581 - Alcor Micro Corp.) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.2.3.19655 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.1.0.4242 - Avira Operations GmbH & Co. KG)
BalTax 2014 10.3.0 (HKLM-x32\...\6456-0709-2578-5305) (Version: 10.3.0 - Information Factory AG)
BlackBerry 10 Desktop Software (HKLM-x32\...\{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.3.0 - Conexant)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 17.4.33 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4885.1001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Graphics Driver 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Spotify (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.1.2 - IObit)
Viber (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0342BFFA-1607-4B26-A43C-C4AA152AA97C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {0FEE4DC3-3CAA-479F-9417-6AF1D462FAEF} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit)
Task: {1401C5ED-FB6B-4CC7-ACA4-1B63F7BE8D66} - System32\Tasks\ASCU10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2016-12-14] (IObit)
Task: {160B2967-201E-4798-AF01-110AA11799C4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {1B188FBC-CBE6-45C3-A213-D566E6BBCFB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {1E8610D1-DAAD-45EE-AEF9-60CF36C57CF4} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {246C0A6B-6A80-442C-A94D-5FBCCBD34064} - \Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-500 -> Keine Datei <==== ACHTUNG
Task: {2910A9B7-00AD-4EEB-B6C9-927B25E7E0E9} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [2016-11-15] ()
Task: {2C3EBB37-E372-47BF-AA9B-7344DB5F624D} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {2D3F43BE-DB01-43CC-B9FF-47575B2433F1} - System32\Tasks\ASCU8_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: {2EA02241-0B03-408F-B83B-7C902900B8FF} - System32\Tasks\Uninstaller_SkipUac_W => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-04] (IObit)
Task: {364E78CB-8F52-46BE-B238-EC7BF0F7960C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {39608701-DBEC-4F19-8A9F-2B3FD009FCF3} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {3DBB24AE-FDCE-4666-BC02-9FDB77BFF611} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {3DD3B6F9-E321-4828-A255-7D7F6CECE88D} - System32\Tasks\HPCeeScheduleForW => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {40831A6D-1DBD-4094-8BDC-DB6537DF6ACC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {4695E224-12EF-44AD-AE15-C75A4DB9C1D6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {470F739A-ED83-4329-87B3-654CAB7AEB57} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {4845DFF6-45BE-4901-A88B-766B40B6C531} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {48DFFBFB-C1E4-43FB-AAB0-772F322E9EE4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-12] (Microsoft Corporation)
Task: {4C904833-F10F-42DD-B018-9099D51B5A86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5110E657-D3DD-416A-96ED-FB9A4021657D} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {5A608E78-575C-41FA-ABFD-339F9A1A1EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5CA7B546-0C0E-41B5-A83C-61A8B2F9FE8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {6B06E695-1468-45F2-8107-2002312A5B8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {7A92A124-AB57-4689-BDC1-D338DCAF4A61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {83CA6AC7-F7C8-4DC2-8F60-BBC037B4AA48} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {855DE6AB-33A8-400D-939E-7BE1F1AE7654} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {86178183-17F5-4BA7-BC6E-4E390CF63EDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {8644FDE7-79EA-43C5-97D6-934D3EBD2566} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {9299B6E3-66BA-4356-9840-2A58827B6EBC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {AC1AE724-565B-440F-9D99-64BD1870B476} - System32\Tasks\{C899D39E-45DD-45B2-A29B-4C51F80917CF} => pcalua.exe -a E:\setup.exe -d E:\
Task: {B7B5D5D0-1713-4348-B0A7-E98675483F7C} - System32\Tasks\Driver Booster SkipUAC (W) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {B80C527B-82B1-4B34-B2ED-109A7D3EA85B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {BB1389BA-A101-4773-A0AD-2B3E43E69916} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {C733BA11-DEE8-44A5-BF13-A08E1F4ACD3A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {C8CF1C89-DFC9-4E14-B4E9-573683F39012} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {CCBCF2F1-69FF-436B-A04E-28836ADDD127} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {D4211F9A-2116-4A21-8804-557BCD1141BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {DAD6039A-7170-48A1-8431-23477DAF2D3E} - System32\Tasks\ASCU10_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [2016-12-16] (IObit)
Task: {E41ED4AB-AC0D-4BAC-9EAC-19CDE353F3C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {E8068A8A-1B36-4C21-B476-11564C67DC2C} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {EB4648FC-B522-4493-8324-39F7F82DEAAB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {F5AE5400-C680-4B8E-AFEE-ADC6CA9BA7C7} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASCU10_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe
Task: C:\Windows\Tasks\ASCU8_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForW.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_W.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-10-15 20:39 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-16 21:29 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2013-11-28 22:35 - 2013-11-28 22:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-11-28 22:32 - 2013-11-28 22:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-28 22:38 - 2013-11-28 22:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-03-19 12:01 - 2015-03-19 12:01 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2014-02-24 11:59 - 2014-02-24 11:59 - 00109056 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSHomeCloudAPI.dll
2016-12-04 10:19 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-01-12 13:18 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-12-28 11:58 - 2016-08-18 18:43 - 00442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madExcept_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madBasic_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madDisAsm_.bpl
2016-12-28 11:58 - 2016-11-01 10:11 - 00078624 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\GetProcessDLL.dll
2017-01-12 14:05 - 2016-01-11 17:03 - 00899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2017-01-12 14:05 - 2016-01-11 17:02 - 00630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2013-10-08 20:41 - 2013-10-08 20:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 18:23 - 2013-09-09 18:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2017-01-11 12:50 - 2015-12-29 11:30 - 00355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2017-01-11 12:50 - 2015-12-29 11:29 - 00190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2017-01-11 12:50 - 2015-12-29 11:30 - 00057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2017-01-11 12:50 - 2015-12-29 11:30 - 00275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2017-01-11 12:50 - 2015-12-29 11:30 - 00059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2017-01-11 12:50 - 2016-10-20 09:59 - 00631072 _____ () C:\Program Files (x86)\IObit\Classic Start\ProductStatistics.dll
2017-01-11 12:50 - 2015-12-29 11:31 - 00047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2015-03-19 15:29 - 2015-03-19 15:29 - 00055032 _____ () C:\Program Files (x86)\Common Files\XCPCSync.OEM\SyncSDK.209.604\Translators\MSOl\rMSOLDE.dll
2016-09-20 02:23 - 2016-09-20 02:23 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-05-03 03:28 - 2015-05-03 03:28 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2016-11-17 09:34 - 2016-11-15 11:19 - 01041600 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2015-03-19 11:22 - 2015-03-19 11:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2016-12-28 11:58 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\webres.dll
2016-12-28 11:58 - 2016-11-09 14:35 - 00631072 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ProductStatistics.dll
2016-09-14 11:04 - 2016-12-08 02:00 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-01-11 12:19 - 2016-12-08 02:01 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-14 11:04 - 2016-12-08 02:04 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-14 11:04 - 2016-12-08 02:01 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00021328 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00052032 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-01-11 12:19 - 2016-12-08 02:04 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00026464 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-14 11:04 - 2016-12-08 02:02 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00023384 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00019792 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00022360 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00024400 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-01-11 12:19 - 2016-12-08 01:57 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-01-11 12:19 - 2017-01-06 01:03 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-01-11 12:19 - 2017-01-06 01:04 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-14 11:04 - 2016-12-08 02:01 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020296 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2017-01-11 12:19 - 2016-12-08 02:08 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-01-11 12:19 - 2016-12-08 02:08 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-01-11 12:19 - 2017-01-06 01:04 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00024920 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-01-12 14:10 - 2016-03-31 17:57 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
2017-01-12 14:10 - 2016-03-31 17:57 - 00188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2017-01-12 14:10 - 2016-03-31 17:57 - 00151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2017-01-12 14:10 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2016-12-04 10:19 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2016-12-04 10:19 - 2016-09-26 13:59 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2014-10-15 20:35 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2017-01-11 18:59 - 2017-01-11 18:59 - 17835096 _____ () C:\Users\W\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\W\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dc 2009 cherry blossom.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Swiss Media Research => 
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Swiss Media Research"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{691CF345-DD69-404F-AF5D-6F4559782239}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{20468303-425B-4EEF-9CF2-CB9B667877CF}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A36E65A0-12AE-401F-B4EB-772BF0F8E1E9}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{77F93656-1433-4630-BD7C-E720231F1DC5}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{1DE267D5-A1AF-46D6-BB84-678F68CC5E84}] => LPort=4481
FirewallRules: [{22584053-CCF2-48FA-B4DB-17B85D4A4D99}] => LPort=4481
FirewallRules: [{FE52E7C5-DA41-41EA-BA15-E3AAEA4110AD}] => LPort=4482
FirewallRules: [{AD828279-8620-49EF-8955-492B1B2F638B}] => LPort=4482
FirewallRules: [TCP Query User{82BDC133-2312-4BAF-8D46-7D68548E2438}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{25AB6BF8-A186-488E-B239-C6FB6BFECC7C}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4CF7D7C9-3290-48FB-8336-CC4EDBF77924}] => C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{DA5E6717-0863-4AD6-8CB4-E350F6941D2F}] => C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{94312F5D-797E-4DD8-B3BB-540277322EA7}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{6C4FBF2E-085C-47B2-B693-E39F9920408B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{A32968A8-76A3-4228-AF59-4C0EEA8FB02C}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{29C75D54-A4F9-4459-9812-1936D981D03F}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{C1E0DF48-FF76-4E7B-8FC9-AB3F0FC95967}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3601AE15-869E-48B2-AFCE-55E105C11061}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C3620875-5C70-4145-B20F-5293F40C2FF0}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BC0F178A-5676-4D57-BE7F-50804D499185}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6EB504D7-AA49-4638-A3A0-50F3D0ADB71F}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A125D56A-2E3C-458F-A69C-9E4B14FAF15B}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{AA9B8A09-581B-4167-8AEB-FA3B89625855}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{B1EEAC93-F801-48D6-AC66-3C2B14074556}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A41AF319-88AA-4D4D-B37C-DC812E678C7E}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{D6E05F4F-52FC-433B-B3AA-5E933AA99D67}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{FC01E046-1852-4524-A703-D2116F68448B}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{98587A68-0360-4057-8319-C1793D3D52A3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{E05D331A-6921-4271-9622-AD1F1B469ADA}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{294EE63A-E5AB-4C08-ACB0-5EFC9B0A1A25}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{A285D6A6-BA0F-4E71-A956-C798412A53E3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{3510B7E4-F0DA-4328-9444-37B49694C78D}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{885CCE20-D2D0-418E-A684-D7183BE6F03A}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{EA57B3A8-6643-4EC8-9958-191B7015BA39}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{63D24422-F0BD-417D-B1E8-CF6972A5B421}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{785E03D9-876A-4504-8699-B3C88F6788A2}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{77F70256-B007-40A4-81B2-A97C00F0F506}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{B98762E4-1E97-46D9-88C6-D42B3DB4BF78}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{1EAD28E8-83F0-4031-A147-39D05CC7FC11}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{5B288256-58A1-446F-A369-83F9BA1276F0}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7CF04991-30DC-4C5A-8CCA-7CA75906989E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{0FC51FDA-052A-480A-BBE0-FCE7DCD3416E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{D7590519-D3F1-49B2-8B6E-E9166910CB7B}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{BFD1D46B-0E6D-49C2-BA07-DB5EC992DD4E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{5E6FAF82-21B1-4AD6-A48C-E341ABA90A39}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{716992DF-C895-43E7-A1CA-E3FB78C59ACA}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

12-01-2017 16:43:36 Avira System Speedup 1.0.0

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/13/2017 04:55:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18460, Zeitstempel: 0x57c1b8c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18438, Zeitstempel: 0x57ae642e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f1b70
ID des fehlerhaften Prozesses: 0x1470
Startzeit der fehlerhaften Anwendung: 0x01d26d64800904dd
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: b16ed703-d9a8-11e6-8303-6c71d9ffbf53
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/13/2017 04:54:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\Windows\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/13/2017 04:54:02 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.

Error: (01/13/2017 04:54:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\Windows\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/13/2017 04:54:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/13/2017 04:54:02 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\Windows\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/13/2017 04:03:30 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1344

Error: (01/13/2017 04:03:30 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1344

Error: (01/13/2017 04:03:30 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/13/2017 03:50:59 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 808: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)


Systemfehler:
=============
Error: (01/13/2017 10:23:39 PM) (Source: BROWSER) (EventID: 8020) (User: )
Description: Der Suchdienst konnte sich nicht selbst zur Funktion als Hauptsuchdienst heraufstufen.
Der Computer, der zurzeit die Funktion als Hauptsuchdienst erfüllt, ist unbekannt.

Error: (01/13/2017 04:56:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/12/2017 02:10:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:50:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:28:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "StartMenu8 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:18:48 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/10/2017 10:47:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/07/2017 04:52:59 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (01/06/2017 10:53:10 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.


CodeIntegrity:
===================================
  Date: 2017-01-11 14:21:55.135
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-10 08:10:01.950
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-07 09:28:52.157
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-05 00:58:49.397
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-05 00:50:20.220
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-05 00:32:12.912
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-05 00:02:49.162
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-04 23:56:35.478
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-04 23:53:40.418
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-12-08 22:44:46.179
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 86%
Installierter physikalischer RAM: 8075.11 MB
Verfügbarer physikalischer RAM: 1050.23 MB
Summe virtueller Speicher: 19851.11 MB
Verfügbarer virtueller Speicher: 9915.25 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:5.8 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:121.98 GB) (Free:107.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FDF0BB21)

Partition: GPT.

==================== Ende von Addition.txt ===========================================

Ich hoffe, das ist jetzt der richtige file & hilft weiter....*sigh*
W

Code:

ATTFilter

Type:	File
Source:	C:\Users\WalburgaA_2\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hneieddeibpcngeljjkdpcajfcgelalk\000003.log
Status:	Infected
Quarantine object:	77a5d530.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	8.03.42.132
Virus definition file:	8.12.145.172
Detection:	HTML/Rce.Gen
Date/Time:	11.01.2017, 12:46


Type:	File
Source:	C:\Users\W\Downloads\PDFCreator-2_1_1-setup.exe
Status:	Infected
Quarantine object:	1188f761.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	8.03.42.132
Virus definition file:	8.12.145.172
Detection:	PUA/OpenCandy.Gen
Date/Time:	11.01.2017, 12:44


Type:	File
Source:	C:\Users\W\Documents\Finanzen alles\2013 Finanzen CH\driver_booster_setup.exe
Status:	Infected
Quarantine object:	43b4b571.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	8.03.42.132
Virus definition file:	8.12.145.172
Detection:	Adware/IObit.ygkr
Date/Time:	11.01.2017, 12:39


Type:	File
Source:	C:\Users\W\AppData\Roaming\sp_data.sys
Status:	Suspicious
Quarantine object:	5b29efaf.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:35


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\AntivirusConfig.ini
Status:	Suspicious
Quarantine object:	0a9da1e7.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup.ini
Status:	Suspicious
Quarantine object:	6093d74d.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\LastCheck.Ini
Status:	Suspicious
Quarantine object:	391dce02.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\HealthLevel.ini
Status:	Suspicious
Quarantine object:	18d7aec9.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ACInstall_IMF.ini
Status:	Suspicious
Quarantine object:	0dbab583.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\User_UndeleteReg.dat
Status:	Suspicious
Quarantine object:	102d8140.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\HealthLevel.ini
Status:	Suspicious
Quarantine object:	2b7493be.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Install.ini
Status:	Suspicious
Quarantine object:	5202b225.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\Startup.ini
Status:	Suspicious
Quarantine object:	17b3ed03.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\iobitpromotion.ini
Status:	Suspicious
Quarantine object:	78f3cb59.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\ReinforceData.ini
Status:	Suspicious
Quarantine object:	10b98566.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\AntivirusConfig.ini
Status:	Suspicious
Quarantine object:	1530f1ee.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\B5X.ini
Status:	Suspicious
Quarantine object:	55e8d48e.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\AscService.ini
Status:	Suspicious
Quarantine object:	02f3d88e.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\dnsprotect.ini
Status:	Suspicious
Quarantine object:	3313825c.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\ReinforceData.ini
Status:	Suspicious
Quarantine object:	48478363.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\SM_BackList.ini
Status:	Suspicious
Quarantine object:	010b932f.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\Chrome.ini
Status:	Suspicious
Quarantine object:	40f0c53c.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\AscService.ini
Status:	Suspicious
Quarantine object:	12b0846e.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\LocalIgnore.ini
Status:	Suspicious
Quarantine object:	778595c1.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\BootTime.ini
Status:	Suspicious
Quarantine object:	4c38f4c2.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\HomepageProtect.ini
Status:	Suspicious
Quarantine object:	1656b20b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ACInstall.ini
Status:	Suspicious
Quarantine object:	1a74e416.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20161205073449.dat
Status:	Suspicious
Quarantine object:	5c6fa256.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\av10Downloader.log
Status:	Suspicious
Quarantine object:	2d2bf81f.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\SD5Downloader.log
Status:	Suspicious
Quarantine object:	1f22a632.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20161205074052.dat
Status:	Suspicious
Quarantine object:	1ff6ace9.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3Downloader.log
Status:	Suspicious
Quarantine object:	653fa2c1.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20161228114948.dat
Status:	Suspicious
Quarantine object:	658affd4.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\Homepage Protection\Homepage.log
Status:	Suspicious
Quarantine object:	1dc089c5.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\Downloader.log
Status:	Suspicious
Quarantine object:	28d8db2a.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObitLiveUpdate\update.ept
Status:	Suspicious
Quarantine object:	5fe1dad5.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20170105005104.dat
Status:	Suspicious
Quarantine object:	2668a8f6.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20170103170845.dat
Status:	Suspicious
Quarantine object:	638af2e6.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20161226122615.dat
Status:	Suspicious
Quarantine object:	223afb07.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\ASC10_UserConfig_New.ini
Status:	Suspicious
Quarantine object:	32deb770.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObit Malware Fighter\main.ini
Status:	Suspicious
Quarantine object:	3f998ab8.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\AU8Downloader.log
Status:	Suspicious
Quarantine object:	42b8bf17.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Homepage Protection\IMFsrv.log
Status:	Suspicious
Quarantine object:	4e4680aa.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObit Malware Fighter\protectreport.ini
Status:	Suspicious
Quarantine object:	517be729.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\Startup Manager\boottime.dat
Status:	Suspicious
Quarantine object:	5054f20d.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\InnsetupDownloader.log
Status:	Suspicious
Quarantine object:	47baf618.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF4Downloader.log
Status:	Suspicious
Quarantine object:	4966a21e.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20161215105910.dat
Status:	Suspicious
Quarantine object:	46fdbc6b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObit Malware Fighter\silent.ini
Status:	Suspicious
Quarantine object:	4518d3df.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\ASC9\Smart Defrag.exe.dat
Status:	Suspicious
Quarantine object:	4c309d9f.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20161207232627.dat
Status:	Suspicious
Quarantine object:	3499efff.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Homepage Protection\Homepage.log
Status:	Suspicious
Quarantine object:	35398786.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime.dat
Status:	Suspicious
Quarantine object:	3420d2d0.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20170102202801.dat
Status:	Suspicious
Quarantine object:	3382f596.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\discription.db
Status:	Suspicious
Quarantine object:	340f8d2a.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\smBootTime\smBootTime.ini
Status:	Suspicious
Quarantine object:	51a48201.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObitLiveUpdate\main.ini
Status:	Suspicious
Quarantine object:	38e3b049.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\Freeware.dat
Status:	Suspicious
Quarantine object:	53ae8d01.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\Homepage Protection\IMFsrv.log
Status:	Suspicious
Quarantine object:	3564d901.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\Downloader_1.log
Status:	Suspicious
Quarantine object:	53f6e51e.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\ASCInstaller_Downloader.log
Status:	Suspicious
Quarantine object:	0fd39031.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\smBootTime\smAutoRun.log
Status:	Suspicious
Quarantine object:	778aa56b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\disableRate.db
Status:	Suspicious
Quarantine object:	0bcbc440.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\StartMenu 8Downloader.log
Status:	Suspicious
Quarantine object:	0fa1c987.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\ASC9Downloader.log
Status:	Suspicious
Quarantine object:	13328c5b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20161204175525.dat
Status:	Suspicious
Quarantine object:	16a1db6e.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\ASCU10_UserConfig_New.ini
Status:	Suspicious
Quarantine object:	6b25c4bf.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Homepage Protection\ASCService.log
Status:	Suspicious
Quarantine object:	136382c1.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\Toolbox_Downloader.log
Status:	Suspicious
Quarantine object:	161c9932.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\Startup Manager\mainData.dat
Status:	Suspicious
Quarantine object:	03b6e1bd.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Homepage Protection\ASC.log
Status:	Suspicious
Quarantine object:	7feecf1b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20161217080605.dat
Status:	Suspicious
Quarantine object:	01769585.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\ASC9\Freeware.dat
Status:	Suspicious
Quarantine object:	0267eeee.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\SD4Downloader.log
Status:	Suspicious
Quarantine object:	06aaab29.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\ASC9\Driver Booster.exe.dat
Status:	Suspicious
Quarantine object:	7c1895c8.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\smBootTime\AutoRunConfig.ini
Status:	Suspicious
Quarantine object:	7b7af60b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObit Malware Fighter\ignore.ini
Status:	Suspicious
Quarantine object:	06f7f83b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\ASC9\Driver Booster.exe
Status:	Suspicious
Quarantine object:	0882bdbb.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObit Malware Fighter\License.log
Status:	Suspicious
Quarantine object:	1a58d466.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\boottime\boottime20170105004542.dat
Status:	Suspicious
Quarantine object:	19bcf150.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare V8\Homepage Protection\ASCService.log
Status:	Suspicious
Quarantine object:	6939d003.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObit Malware Fighter\init.log
Status:	Suspicious
Quarantine object:	6837c4c1.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\Advanced SystemCare\Startup Manager\mainData.dat
Status:	Suspicious
Quarantine object:	1bd3c5bc.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\ASC9_UserConfig.ini
Status:	Suspicious
Quarantine object:	6679e6d4.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObit Malware Fighter\config.ini
Status:	Suspicious
Quarantine object:	680fc0d9.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\IObit Malware Fighter\remember.ini
Status:	Suspicious
Quarantine object:	1922dcc4.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\AU8\Advanced SystemCare.exe
Status:	Suspicious
Quarantine object:	377be1c0.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\av10\Driver Booster.exe.dat
Status:	Suspicious
Quarantine object:	36fd979b.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\av10\Skype.exe.dat
Status:	Suspicious
Quarantine object:	24588a6e.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\av10\Driver Booster.exe
Status:	Suspicious
Quarantine object:	47afcbde.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\av10\Smart Defrag.exe
Status:	Suspicious
Quarantine object:	6940d41c.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\av10\Smart Defrag.exe.dat
Status:	Suspicious
Quarantine object:	0769fbd4.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\av10\Skype.exe
Status:	Suspicious
Quarantine object:	4c7cad55.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3\Advanced SystemCare.exe
Status:	Suspicious
Quarantine object:	4dfdaece.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3\Driver Booster.exe.dat
Status:	Suspicious
Quarantine object:	6127d538.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3\Advanced SystemCare.exe.dat
Status:	Suspicious
Quarantine object:	4d03a49f.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3\Driver Booster.exe
Status:	Suspicious
Quarantine object:	06409d87.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3\IObit Uninstaller.exe
Status:	Suspicious
Quarantine object:	4a77895c.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF4\Advanced SystemCare.exe
Status:	Suspicious
Quarantine object:	01f69099.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3\IObit Uninstaller.exe.dat
Status:	Suspicious
Quarantine object:	3fe4f145.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF4\Driver Booster.exe.dat
Status:	Suspicious
Quarantine object:	654fa464.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3\Smart Defrag.exe.dat
Status:	Suspicious
Quarantine object:	69b2bbd8.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3\Start Menu 8.exe
Status:	Suspicious
Quarantine object:	4cbfc1cb.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF4\Smart Defrag.exe.dat
Status:	Suspicious
Quarantine object:	61cbc755.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF3\Smart Defrag.exe
Status:	Infected
Quarantine object:	1de9a3ab.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	PUA/IoBit.ytun
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\Innsetup\Freeware.dat
Status:	Suspicious
Quarantine object:	34e381e4.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF4\Smart Defrag.exe
Status:	Suspicious
Quarantine object:	00ebe6ea.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09


Type:	File
Source:	c:\programdata\iobit\ASCDownloader\IMF4\Advanced SystemCare.exe.dat
Status:	Suspicious
Quarantine object:	134fec24.qua
Restored:	NO
Uploaded to Avira:	NO
Operating system:	Windows XP/VISTA Workstation/Windows 7
Search engine:	unknown
Virus definition file:	unknown
Detection:	Suspicious file
Date/Time:	11.01.2017, 12:09

cosinus · 13.01.2017, 23:56

Du hast schon wieder die addition.txt gepostet, es fehlt aber die FRST.txt

wma927 · 14.01.2017, 00:00

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-01-2017
durchgeführt von W (Administrator) auf ASUS-KLEIN (13-01-2017 22:23:14)
Gestartet von C:\Users\W\Downloads
Geladene Profile: W (Verfügbare Profile: W & WalburgaA & WalburgaA_2)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111488 2015-11-15] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [911576 2013-10-30] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26287016 2017-01-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6006560 2016-11-01] (IObit)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [26832 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup Tray] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [159568 2016-12-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Atheros Communications)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1475320 2015-03-19] (Research In Motion)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3023136 2016-12-16] (IObit)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\MountPoints2: {d9a05da4-94cf-11e5-829d-6c71d9ffbf53} - "E:\setup.exe" AUTORUN=1
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\MountPoints2: {f2ea754b-1321-11e5-8269-6c71d9ffbf53} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\Start.exe
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
Startup: C:\Users\W\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-13]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
Startup: C:\Users\WalburgaA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-13]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
Startup: C:\Users\WalburgaA_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-13]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Tcpip\..\Interfaces\{DBD4E8A9-652A-4633-A57C-4B610E4BB4B8}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tageswoche.ch/
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.washingtonpost.com/
hxxp://www.huffingtonpost.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4242665128-3801008343-3756527368-1001 -> DefaultScope {81DDAEC8-19B8-466D-AF59-34C382FB834F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-4242665128-3801008343-3756527368-1001 -> {81DDAEC8-19B8-466D-AF59-34C382FB834F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-07-26] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default [2015-09-01]
FF user.js: detected! => C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default\user.js [2015-11-23]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mPyt7swg.default -> Google
FF Extension: (Avira Browser Safety) - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default\Extensions\abs@avira.com [2017-01-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-16] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.washingtonpost.com/
CHR StartupUrls: Default -> "hxxps://www.washingtonpost.com/?reload=true","hxxp://www.tageswoche.ch/","hxxp://www.huffingtonpost.com/politics/","hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxps://search.avira.net/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.net/suggestions?q={searchTerms}&li=ff&hl=de
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\Default [2017-01-13]
CHR Extension: (Google Präsentationen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Poper Blocker) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-01-11]
CHR Extension: (YouTube) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (TV) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2017-01-12]
CHR Extension: (Genius Web Annotator) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccaokncpmmjiakalbcfdbfmpcaiddjdn [2017-01-11]
CHR Extension: (Google-Suche) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-03-13]
CHR Extension: (Google Tabellen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Avira Browserschutz) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-29]
CHR Extension: („Pin it“-Button) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-11-03]
CHR Extension: (Awiedno) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkddnpkbopdohfcjcjalflagcmcnpmm [2017-01-12]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-01-03]
CHR Extension: (OldNewsFeed) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\jacjkeodiliklmpildjkfaciknopckaa [2015-03-13]
CHR Extension: (Cisco WebEx Extension) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-03-17]
CHR Extension: (CHIP Best Deal) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnbfipnegfmpbggccokgcmkokibpkdc [2016-12-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (True URL) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoeonoajkbigbemkbpklihoggklhblg [2017-01-09]
CHR Extension: (Adblock Pro) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-05-17]
CHR Extension: (Check My Links) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2015-11-10]
CHR Extension: (This Is Fake) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\peeibjiaceaafioopngfaneonhcdbmhb [2016-12-17]
CHR Extension: (Google Mail) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [1013024 2016-11-10] (IObit)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-12] (Avira Operations GmbH & Co. KG)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1936672 2016-12-16] (IObit)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [299968 2017-01-04] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-11-01] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51504 2017-01-06] (Dropbox, Inc.)
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2015-11-15] (Intel Corporation)
S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2015-11-15] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2015-11-15] (Intel Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2016-03-13] (Intel Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1600800 2016-10-21] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.)
R3 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited)
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1077536 2016-12-05] (IObit)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35416 2016-12-13] (Avira Operations GmbH & Co. KG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4307192 2016-11-18] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2016-01-25] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [151352 2016-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [153904 2016-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-11] (Avira Operations GmbH & Co. KG)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
S3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2015-11-15] (Intel Corporation)
S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2015-11-15] (Intel Corporation)
S3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2015-11-15] (Intel Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [55784 2016-03-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2016-03-13] (Intel Corporation)
S3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50664 2016-03-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2016-03-13] (Intel Corporation)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-07-27] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited) [Datei ist nicht signiert]
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-03-13] (Synaptics Incorporated)
R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-11-02] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-10-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 HWiNFO32; \??\C:\Users\W\AppData\Local\Temp\HWiNFO64A.SYS [X]
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-13 22:23 - 2017-01-13 22:23 - 00035761 _____ C:\Users\W\Downloads\FRST.txt
2017-01-13 22:22 - 2017-01-13 22:23 - 02419200 _____ (Farbar) C:\Users\W\Downloads\FRST64.exe
2017-01-13 16:53 - 2017-01-13 16:53 - 00000000 ____D C:\Users\W\AppData\Local\AviraSpeedup
2017-01-13 12:42 - 2017-01-13 12:42 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-01-13 12:42 - 2017-01-13 12:42 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-01-12 18:00 - 2017-01-12 18:00 - 01730048 _____ (Farbar) C:\Users\W\Downloads\FRST.exe
2017-01-12 17:54 - 2017-01-12 17:54 - 00000890 _____ C:\Users\W\Downloads\170112 Avira log Events.txt
2017-01-12 17:08 - 2017-01-12 17:08 - 00051001 _____ C:\Users\W\Downloads\170112 scan log malware Addition.txt
2017-01-12 17:06 - 2017-01-12 17:06 - 00051001 _____ C:\Users\W\Desktop\Addition.txt
2017-01-12 17:05 - 2017-01-12 17:06 - 00056683 _____ C:\Users\W\Desktop\FRST.txt
2017-01-12 17:04 - 2017-01-13 22:23 - 00000000 ____D C:\FRST
2017-01-12 17:04 - 2017-01-12 17:04 - 02193920 _____ (Farbar) C:\Users\W\Desktop\FRST64.exe
2017-01-12 16:49 - 2017-01-12 16:49 - 00001066 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-01-12 16:44 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-01-12 16:44 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-01-12 16:43 - 2017-01-13 07:16 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-01-12 16:43 - 2017-01-12 16:43 - 00001230 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-12 16:43 - 2017-01-12 16:43 - 00001179 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2017-01-12 16:43 - 2017-01-12 16:43 - 00000000 ____D C:\Users\W\AppData\Local\Avira
2017-01-12 16:42 - 2017-01-12 16:42 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\W\Downloads\avira_en_fass0_5877a2f1825c4__ws.exe
2017-01-12 14:13 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2017-01-12 14:10 - 2017-01-12 14:10 - 00001195 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2017-01-12 14:05 - 2017-01-12 14:05 - 00003156 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-01-12 14:05 - 2017-01-12 14:05 - 00001180 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-01-12 14:04 - 2017-01-12 14:05 - 00002318 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-01-12 14:04 - 2017-01-12 14:04 - 00003250 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2017-01-12 14:04 - 2017-01-12 14:04 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (W)
2017-01-12 09:05 - 2017-01-12 13:16 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleForW.job
2017-01-11 12:53 - 2017-01-13 07:17 - 00000062 _____ C:\Users\W\AppData\Roaming\sp_data.sys
2017-01-11 12:50 - 2017-01-11 12:50 - 00002272 _____ C:\Windows\System32\Tasks\StartMenu8_Start
2017-01-11 12:50 - 2017-01-11 12:50 - 00001220 _____ C:\Users\Public\Desktop\Start Menu 8.lnk
2017-01-11 12:50 - 2017-01-11 12:50 - 00000240 _____ C:\Windows\Tasks\StartMenu8_Start.job
2017-01-11 12:35 - 2017-01-11 12:37 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2017-01-11 12:35 - 2017-01-11 12:35 - 00000000 ____D C:\Users\W\AppData\Roaming\SuperBoost
2017-01-11 12:35 - 2017-01-11 12:35 - 00000000 ____D C:\ProgramData\SuperBoost
2017-01-11 12:27 - 2017-01-11 12:27 - 00000000 ____D C:\ProgramData\{EAAB5A83-3809-4B0E-83A6-E4B0DBF2157E}
2017-01-11 12:27 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2017-01-11 12:25 - 2017-01-11 12:25 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-11 12:25 - 2017-01-11 12:25 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-11 12:20 - 2017-01-11 12:20 - 04964352 _____ C:\Windows\system32\config\drivers.iobit
2017-01-11 12:19 - 2017-01-11 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-01-08 12:27 - 2017-01-08 12:27 - 00466653 _____ C:\Users\W\Documents\Scan0006.pdf
2017-01-08 12:26 - 2017-01-08 12:26 - 00434838 _____ C:\Users\W\Documents\Scan0005.pdf
2017-01-08 12:25 - 2017-01-08 12:25 - 00385621 _____ C:\Users\W\Documents\Scan0004.pdf
2017-01-08 12:24 - 2017-01-08 12:24 - 00350924 _____ C:\Users\W\Documents\Scan0003.pdf
2017-01-08 12:24 - 2017-01-08 12:24 - 00318462 _____ C:\Users\W\Documents\Scan0002.pdf
2017-01-08 12:23 - 2017-01-08 12:23 - 00328248 _____ C:\Users\W\Documents\Scan0001.pdf
2017-01-06 01:04 - 2017-01-06 01:04 - 00051504 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-01-03 13:19 - 2017-01-12 14:04 - 00268800 ___SH C:\Users\W\Desktop\Thumbs.db
2016-12-28 13:08 - 2016-12-28 13:09 - 95503176 _____ (IObit ) C:\Users\W\Downloads\asc-ultimate-setup-cnet.exe
2016-12-28 12:55 - 2017-01-12 13:55 - 00000000 ____D C:\Program Files (x86)\Dashlane
2016-12-28 12:50 - 2016-12-28 12:50 - 00040960 _____ C:\Windows\system32\config\SAM.iobit
2016-12-28 12:50 - 2016-12-28 12:50 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2016-12-28 12:49 - 2016-12-28 12:49 - 98074624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-12-28 12:49 - 2016-12-28 12:49 - 00339968 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-12-28 11:59 - 2016-12-28 11:59 - 00000000 ____D C:\ProgramData\BDLogging
2016-12-28 11:59 - 2016-11-02 19:11 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2016-12-28 11:58 - 2017-01-12 14:11 - 00000270 _____ C:\Windows\Tasks\ASCU10_SkipUac_W.job
2016-12-28 11:58 - 2017-01-11 12:47 - 00002383 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate 10.lnk
2016-12-28 11:58 - 2016-12-28 11:59 - 00003022 _____ C:\Windows\System32\Tasks\ASCU10_PerformanceMonitor
2016-12-28 11:58 - 2016-12-28 11:58 - 00002362 _____ C:\Windows\System32\Tasks\ASCU10_SkipUac_W
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2016-12-25 19:57 - 2016-12-25 19:57 - 00157123 _____ C:\Users\W\Desktop\15724685_1227749577273428_7927209070533867513_o.jpg
2016-12-25 10:13 - 2016-12-25 10:13 - 02964472 _____ (Google) C:\Users\W\Downloads\chrome_cleanup_tool.exe
2016-12-20 13:53 - 2016-12-20 13:53 - 00587805 _____ C:\Users\W\Documents\Scan.pdf
2016-12-14 12:28 - 2016-11-19 22:24 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 12:28 - 2016-11-19 22:24 - 00152856 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 12:28 - 2016-11-19 20:29 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 12:28 - 2016-11-19 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 12:28 - 2016-11-19 18:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 12:28 - 2016-11-19 18:22 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 12:28 - 2016-11-16 22:49 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-12-14 12:28 - 2016-11-12 22:06 - 00738104 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-12-14 12:28 - 2016-11-12 20:38 - 00613632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-12-14 12:28 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 12:28 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 12:28 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 12:28 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 12:28 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 12:28 - 2016-11-12 19:23 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-12-14 12:28 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 12:28 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 12:28 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 12:28 - 2016-11-12 18:45 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-12-14 12:28 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 12:28 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 12:28 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 12:28 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 12:28 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 12:28 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 12:28 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 12:28 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 12:28 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 12:28 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 12:28 - 2016-11-11 03:33 - 01541240 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 12:28 - 2016-11-09 18:25 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 12:28 - 2016-11-05 19:35 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 12:28 - 2016-11-05 18:57 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 12:28 - 2016-11-05 18:11 - 03606528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 12:28 - 2016-11-05 16:56 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 12:28 - 2016-11-05 16:46 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 12:28 - 2016-10-28 03:56 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 12:28 - 2016-10-27 15:28 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-13 22:02 - 2015-05-15 14:32 - 00000000 ____D C:\Users\W\Documents\Outlook-Dateien
2017-01-13 21:26 - 2015-11-13 15:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-13 21:25 - 2015-03-13 18:15 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-01-13 21:24 - 2016-09-14 11:03 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-01-13 20:24 - 2016-09-14 11:03 - 00001222 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-01-13 12:49 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-13 07:23 - 2014-05-16 00:55 - 00817442 _____ C:\Windows\system32\perfh00C.dat
2017-01-13 07:23 - 2014-05-16 00:55 - 00167144 _____ C:\Windows\system32\perfc00C.dat
2017-01-13 07:23 - 2014-05-16 00:45 - 00793698 _____ C:\Windows\system32\perfh007.dat
2017-01-13 07:23 - 2014-05-16 00:45 - 00168368 _____ C:\Windows\system32\perfc007.dat
2017-01-13 07:23 - 2014-03-18 16:26 - 02820038 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-13 07:23 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-01-13 07:17 - 2016-09-14 11:05 - 00000000 ___RD C:\Users\W\Dropbox
2017-01-13 07:16 - 2015-03-13 18:10 - 00000000 ___DO C:\Users\W\OneDrive
2017-01-13 07:15 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-13 07:15 - 2013-08-22 15:44 - 00488000 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-12 17:47 - 2015-05-25 10:02 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-1001
2017-01-12 16:51 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-12 16:50 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-01-12 16:49 - 2015-06-14 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-12 16:49 - 2015-06-14 08:14 - 00000000 ____D C:\ProgramData\Avira
2017-01-12 16:49 - 2015-06-14 08:14 - 00000000 ____D C:\Program Files (x86)\Avira
2017-01-12 16:43 - 2014-10-15 20:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-12 14:12 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-01-12 14:10 - 2016-11-15 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2017-01-12 14:05 - 2016-05-17 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-01-12 14:05 - 2015-05-25 22:26 - 00000000 ____D C:\ProgramData\ProductData
2017-01-12 14:04 - 2016-11-17 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-01-12 13:51 - 2015-03-14 19:09 - 00000000 ____D C:\Users\W\AppData\Local\ElevatedDiagnostics
2017-01-12 13:18 - 2015-04-10 14:54 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-12 09:05 - 2016-07-14 18:29 - 00003144 _____ C:\Windows\System32\Tasks\HPCeeScheduleForW
2017-01-12 08:37 - 2015-03-29 15:41 - 00000000 ____D C:\Users\W\Desktop\klondike how tos
2017-01-12 08:30 - 2015-03-13 19:33 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 08:28 - 2015-03-13 19:33 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-12 07:43 - 2015-04-13 11:54 - 00000000 ____D C:\Users\W\Documents\Dies & Das
2017-01-11 20:32 - 2014-10-15 20:39 - 00000000 ____D C:\Windows\softwaredistribution.bak
2017-01-11 12:55 - 2015-04-10 14:54 - 00000000 ____D C:\ProgramData\IObit
2017-01-11 12:50 - 2015-04-10 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2017-01-11 12:24 - 2015-11-08 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2017-01-11 12:19 - 2016-09-14 11:03 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-01-11 07:26 - 2015-11-13 15:34 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 07:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 07:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-09 13:34 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W\AppData\Local\Packages
2017-01-08 23:00 - 2015-05-25 06:44 - 00000000 ____D C:\Users\W\Desktop\dies und das
2017-01-05 00:49 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W
2017-01-05 00:48 - 2016-07-06 14:00 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2017-01-05 00:48 - 2015-05-28 00:15 - 00000000 ____D C:\Users\W\AppData\Roaming\ProductData
2017-01-05 00:48 - 2015-04-10 14:56 - 00000000 ____D C:\Users\W\AppData\LocalLow\IObit
2017-01-05 00:48 - 2015-04-10 14:54 - 00000000 ____D C:\Users\W\AppData\Roaming\IObit
2017-01-05 00:48 - 2015-03-16 21:46 - 00000000 ____D C:\Users\WalburgaA_2
2017-01-05 00:48 - 2015-03-16 21:44 - 00000000 ____D C:\Users\WalburgaA
2017-01-05 00:48 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W\AppData\Local\ASUS
2017-01-05 00:48 - 2014-10-15 20:50 - 00000000 ____D C:\ProgramData\P4G
2017-01-05 00:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2017-01-05 00:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2017-01-05 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration
2017-01-03 13:19 - 2015-11-02 13:00 - 00000000 ____D C:\Users\W\Desktop\basel sell & buy
2016-12-29 08:28 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\catroot
2016-12-29 08:26 - 2015-04-27 14:39 - 00000000 ____D C:\Users\W\AppData\Roaming\Skype
2016-12-28 12:56 - 2015-04-27 14:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-28 12:56 - 2015-04-27 14:39 - 00000000 ____D C:\ProgramData\Skype
2016-12-28 12:56 - 2013-08-22 14:36 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-28 12:55 - 2016-11-17 09:22 - 00000389 _____ C:\Windows\Backup.ini
2016-12-28 12:48 - 2014-10-15 20:51 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-12-28 12:48 - 2014-10-15 20:51 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-28 12:48 - 2014-10-15 20:50 - 00000000 ____D C:\AsusVibeData
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Media Player
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Media Player
2016-12-28 12:46 - 2015-12-20 13:23 - 00000000 ___RD C:\Users\W\Documents\Scanned Documents
2016-12-28 12:46 - 2015-10-12 22:30 - 00000000 ____D C:\Users\W\AppData\Local\Viber
2016-12-28 12:46 - 2015-09-07 14:30 - 00000000 ____D C:\Users\W\AppData\Local\Information Factory
2016-12-28 12:46 - 2015-06-18 22:44 - 00000000 ____D C:\Users\W\Downloads\BLACKBERRY-827B
2016-12-28 12:46 - 2015-06-09 04:40 - 00000000 ____D C:\Users\WalburgaA\AppData\Local\CrashDumps
2016-12-28 12:46 - 2015-05-04 15:46 - 00000000 ____D C:\Users\W\AppData\Local\PDFCreator
2016-12-28 12:46 - 2015-04-13 15:24 - 00000000 ____D C:\Users\W\Documents\Jobs
2016-12-28 12:46 - 2015-04-13 15:23 - 00000000 ____D C:\Users\W\Documents\IT & Technik
2016-12-28 12:46 - 2015-04-13 14:51 - 00000000 ____D C:\Users\W\Documents\Global Health
2016-12-28 12:46 - 2015-04-13 11:56 - 00000000 ____D C:\Users\W\Documents\Finanzen alles
2016-12-28 12:46 - 2015-04-13 11:21 - 00000000 ____D C:\Users\W\Documents\WM privat
2016-12-28 12:46 - 2015-04-13 11:20 - 00000000 ____D C:\Users\W\Documents\ViberDownloads
2016-12-28 12:46 - 2015-04-13 10:18 - 00000000 ____D C:\Users\W\Documents\Travel
2016-12-28 12:46 - 2015-04-13 10:15 - 00000000 ____D C:\Users\W\Documents\Shopping
2016-12-28 12:46 - 2015-04-13 10:14 - 00000000 ____D C:\Users\W\Documents\pass & dokumente
2016-12-28 12:46 - 2015-04-13 10:11 - 00000000 ____D C:\Users\W\Documents\Küche & Keller
2016-12-28 12:46 - 2015-04-13 10:11 - 00000000 ____D C:\Users\W\Documents\Korrespondenz
2016-12-28 12:46 - 2015-03-16 21:46 - 00000000 ____D C:\Users\WalburgaA_2\AppData\Local\Temp
2016-12-28 12:46 - 2015-03-16 21:44 - 00000000 ____D C:\Users\WalburgaA\AppData\Local\Temp
2016-12-28 12:46 - 2015-03-13 19:51 - 00000000 ____D C:\Users\W\AppData\Local\CrashDumps
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Videos
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Music
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Links
2016-12-28 12:46 - 2014-10-15 20:42 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
2016-12-28 08:12 - 2015-09-07 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BalTax
2016-12-27 06:01 - 2013-08-22 16:36 - 00000000 __RSD C:\Windows\assembly
2016-12-26 12:26 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-26 12:24 - 2015-03-16 21:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-20 03:47 - 2015-05-25 06:52 - 00262144 _____ C:\Users\Public\NTUSER.DAT
2016-12-17 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-12-16 22:25 - 2015-05-15 17:20 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e
2016-12-16 22:25 - 2015-03-13 18:15 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 16:25 - 2015-03-13 18:15 - 00002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 16:25 - 2015-03-13 18:15 - 00002197 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-22 20:37 - 2017-01-05 00:27 - 0001001 _____ () C:\Users\W\AppData\Roaming\Rim.Desktop.Exception.log
2015-05-22 20:36 - 2015-05-22 20:36 - 0001111 _____ () C:\Users\W\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-05-22 20:37 - 2017-01-05 00:26 - 0001001 _____ () C:\Users\W\AppData\Roaming\Rim.DesktopHelper.Exception.log
2017-01-11 12:53 - 2017-01-13 07:17 - 0000062 _____ () C:\Users\W\AppData\Roaming\sp_data.sys
2015-08-01 15:11 - 2015-08-01 15:11 - 0005632 _____ () C:\Users\W\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-05 07:36 - 2016-12-05 07:37 - 0000000 _____ () C:\Users\W\AppData\Local\{AA28E808-D671-4703-8CEF-BBE7E3053563}
2016-07-06 14:05 - 2016-07-06 14:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-05-15 16:58 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-15 16:58 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-15 16:58 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Einige Dateien in TEMP:
====================
C:\Users\WalburgaA_2\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-09 05:29

==================== Ende von FRST.txt ============================

--- --- ---

cosinus · 14.01.2017, 00:21

+++ WICHTIGER HINWEIS +++

Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?

Zitat:

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}

Bitte alle drei deinstallieren. Wenn wir hier durch sind, gibt es Empfehlungen zu besseren AVs.

wma927 · 14.01.2017, 00:55

Hallo Cosinus,
Wann genau legt ihr los? wg Virenscanner deaktivieren ...
Walburga

sollten jetzt alle 3 stillgelegt bzw deinstalliert sein ....
WM

cosinus · 14.01.2017, 14:21

Dann bitte neue FRST-LOgs

wma927 · 14.01.2017, 18:41

[CODE]Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-01-2017
durchgeführt von W (14-01-2017 18:36:41)
Gestartet von C:\Users\W\Downloads
Windows 8.1 (Update) (X64) (2015-03-13 17:07:21)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4242665128-3801008343-3756527368-500 - Administrator - Disabled)
Gast (S-1-5-21-4242665128-3801008343-3756527368-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4242665128-3801008343-3756527368-1003 - Limited - Enabled)
W (S-1-5-21-4242665128-3801008343-3756527368-1001 - Administrator - Enabled) => C:\Users\W
WalburgaA (S-1-5-21-4242665128-3801008343-3756527368-1004 - Limited - Enabled) => C:\Users\WalburgaA
WalburgaA_2 (S-1-5-21-4242665128-3801008343-3756527368-1005 - Limited - Enabled) => C:\Users\WalburgaA_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 9 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 7.0.3 - IObit)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.145.43581 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.145.43581 - Alcor Micro Corp.) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.2.3.19655 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.1.0.4242 - Avira Operations GmbH & Co. KG)
BalTax 2014 10.3.0 (HKLM-x32\...\6456-0709-2578-5305) (Version: 10.3.0 - Information Factory AG)
BlackBerry 10 Desktop Software (HKLM-x32\...\{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.3.0 - Conexant)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 17.4.33 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Graphics Driver 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Spotify (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.1.2 - IObit)
Viber (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0342BFFA-1607-4B26-A43C-C4AA152AA97C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {0FEE4DC3-3CAA-479F-9417-6AF1D462FAEF} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit)
Task: {10C22233-22D1-4985-83D7-26EA6DCDBCEA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {1401C5ED-FB6B-4CC7-ACA4-1B63F7BE8D66} - System32\Tasks\ASCU10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2016-12-14] (IObit)
Task: {160B2967-201E-4798-AF01-110AA11799C4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {1B188FBC-CBE6-45C3-A213-D566E6BBCFB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {1E8610D1-DAAD-45EE-AEF9-60CF36C57CF4} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {246C0A6B-6A80-442C-A94D-5FBCCBD34064} - \Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-500 -> Keine Datei <==== ACHTUNG
Task: {2910A9B7-00AD-4EEB-B6C9-927B25E7E0E9} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [2016-11-15] ()
Task: {2C3EBB37-E372-47BF-AA9B-7344DB5F624D} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {2D3F43BE-DB01-43CC-B9FF-47575B2433F1} - System32\Tasks\ASCU8_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: {2EA02241-0B03-408F-B83B-7C902900B8FF} - System32\Tasks\Uninstaller_SkipUac_W => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-04] (IObit)
Task: {364E78CB-8F52-46BE-B238-EC7BF0F7960C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {39608701-DBEC-4F19-8A9F-2B3FD009FCF3} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {3DBB24AE-FDCE-4666-BC02-9FDB77BFF611} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {3DD3B6F9-E321-4828-A255-7D7F6CECE88D} - System32\Tasks\HPCeeScheduleForW => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {40831A6D-1DBD-4094-8BDC-DB6537DF6ACC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {4695E224-12EF-44AD-AE15-C75A4DB9C1D6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {4845DFF6-45BE-4901-A88B-766B40B6C531} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {48DFFBFB-C1E4-43FB-AAB0-772F322E9EE4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-12] (Microsoft Corporation)
Task: {4C904833-F10F-42DD-B018-9099D51B5A86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5110E657-D3DD-416A-96ED-FB9A4021657D} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {54FD2185-D0BC-4F2D-9568-029537E6B572} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {550A1FE6-D5EF-4F39-9559-B9ED09BA2F7B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {5A608E78-575C-41FA-ABFD-339F9A1A1EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5CA7B546-0C0E-41B5-A83C-61A8B2F9FE8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {5EA0F6CA-D44B-47E5-A977-C631BE9750D4} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {6B06E695-1468-45F2-8107-2002312A5B8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {7A92A124-AB57-4689-BDC1-D338DCAF4A61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {83CA6AC7-F7C8-4DC2-8F60-BBC037B4AA48} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {855DE6AB-33A8-400D-939E-7BE1F1AE7654} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {86178183-17F5-4BA7-BC6E-4E390CF63EDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {8644FDE7-79EA-43C5-97D6-934D3EBD2566} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {89E5B5A1-C55F-4BE2-9370-A2CD7CA15B12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {AC1AE724-565B-440F-9D99-64BD1870B476} - System32\Tasks\{C899D39E-45DD-45B2-A29B-4C51F80917CF} => pcalua.exe -a E:\setup.exe -d E:\
Task: {B1808870-E8C8-4B57-98C3-8D4B26BE2E01} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B7B5D5D0-1713-4348-B0A7-E98675483F7C} - System32\Tasks\Driver Booster SkipUAC (W) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {B80C527B-82B1-4B34-B2ED-109A7D3EA85B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {C733BA11-DEE8-44A5-BF13-A08E1F4ACD3A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {D3B1AE45-944C-42A6-A96E-EC986892BE4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {D4211F9A-2116-4A21-8804-557BCD1141BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {DAD6039A-7170-48A1-8431-23477DAF2D3E} - System32\Tasks\ASCU10_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [2016-12-16] (IObit)
Task: {E8068A8A-1B36-4C21-B476-11564C67DC2C} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {F5AE5400-C680-4B8E-AFEE-ADC6CA9BA7C7} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASCU10_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe
Task: C:\Windows\Tasks\ASCU8_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForW.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_W.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-10-15 20:39 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2013-11-28 22:35 - 2013-11-28 22:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-11-28 22:32 - 2013-11-28 22:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-28 22:38 - 2013-11-28 22:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-03-19 12:01 - 2015-03-19 12:01 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2014-02-24 11:59 - 2014-02-24 11:59 - 00109056 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSHomeCloudAPI.dll
2017-01-14 01:14 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-12-04 10:19 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madExcept_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madBasic_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madDisAsm_.bpl
2016-12-28 11:58 - 2016-11-01 10:11 - 00078624 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\GetProcessDLL.dll
2017-01-12 14:05 - 2016-01-11 17:03 - 00899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2017-01-12 14:05 - 2016-01-11 17:02 - 00630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2013-09-09 18:23 - 2013-09-09 18:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-10-08 20:41 - 2013-10-08 20:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2017-01-11 12:50 - 2015-12-29 11:30 - 00355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2017-01-11 12:50 - 2015-12-29 11:29 - 00190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2017-01-11 12:50 - 2015-12-29 11:30 - 00057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2017-01-11 12:50 - 2015-12-29 11:30 - 00275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2017-01-11 12:50 - 2015-12-29 11:30 - 00059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2017-01-11 12:50 - 2016-10-20 09:59 - 00631072 _____ () C:\Program Files (x86)\IObit\Classic Start\ProductStatistics.dll
2017-01-11 12:50 - 2015-12-29 11:31 - 00047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2015-03-19 15:29 - 2015-03-19 15:29 - 00055032 _____ () C:\Program Files (x86)\Common Files\XCPCSync.OEM\SyncSDK.209.604\Translators\MSOl\rMSOLDE.dll
2015-03-19 11:22 - 2015-03-19 11:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-09-14 11:04 - 2016-12-08 02:00 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-01-11 12:19 - 2016-12-08 02:01 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-14 11:04 - 2016-12-08 02:04 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-14 11:04 - 2016-12-08 02:01 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00021328 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00052032 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-01-11 12:19 - 2016-12-08 02:04 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00026464 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-14 11:04 - 2016-12-08 02:02 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00023384 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00019792 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00022360 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00024400 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-01-11 12:19 - 2016-12-08 01:57 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-01-11 12:19 - 2017-01-06 01:03 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-01-11 12:19 - 2017-01-06 01:04 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-14 11:04 - 2016-12-08 02:01 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020296 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2017-01-11 12:19 - 2016-12-08 02:08 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-01-11 12:19 - 2016-12-08 02:08 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-01-11 12:19 - 2017-01-06 01:04 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00024920 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-12-28 11:58 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\webres.dll
2016-12-28 11:58 - 2016-11-09 14:35 - 00631072 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ProductStatistics.dll
2014-10-15 20:35 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-11 18:59 - 2017-01-11 18:59 - 17835096 _____ () C:\Users\W\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
2016-12-04 10:19 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2016-12-04 10:19 - 2016-09-26 13:59 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2016-09-20 02:23 - 2016-09-20 02:23 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-05-03 03:28 - 2015-05-03 03:28 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2017-01-14 01:15 - 2017-01-14 01:15 - 01041608 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\W\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dc 2009 cherry blossom.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Swiss Media Research =>
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Swiss Media Research"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{691CF345-DD69-404F-AF5D-6F4559782239}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{20468303-425B-4EEF-9CF2-CB9B667877CF}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A36E65A0-12AE-401F-B4EB-772BF0F8E1E9}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{77F93656-1433-4630-BD7C-E720231F1DC5}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{1DE267D5-A1AF-46D6-BB84-678F68CC5E84}] => LPort=4481
FirewallRules: [{22584053-CCF2-48FA-B4DB-17B85D4A4D99}] => LPort=4481
FirewallRules: [{FE52E7C5-DA41-41EA-BA15-E3AAEA4110AD}] => LPort=4482
FirewallRules: [{AD828279-8620-49EF-8955-492B1B2F638B}] => LPort=4482
FirewallRules: [TCP Query User{82BDC133-2312-4BAF-8D46-7D68548E2438}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{25AB6BF8-A186-488E-B239-C6FB6BFECC7C}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4CF7D7C9-3290-48FB-8336-CC4EDBF77924}] => C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{DA5E6717-0863-4AD6-8CB4-E350F6941D2F}] => C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{94312F5D-797E-4DD8-B3BB-540277322EA7}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{6C4FBF2E-085C-47B2-B693-E39F9920408B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{A32968A8-76A3-4228-AF59-4C0EEA8FB02C}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{29C75D54-A4F9-4459-9812-1936D981D03F}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{C1E0DF48-FF76-4E7B-8FC9-AB3F0FC95967}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3601AE15-869E-48B2-AFCE-55E105C11061}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C3620875-5C70-4145-B20F-5293F40C2FF0}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BC0F178A-5676-4D57-BE7F-50804D499185}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6EB504D7-AA49-4638-A3A0-50F3D0ADB71F}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A125D56A-2E3C-458F-A69C-9E4B14FAF15B}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{AA9B8A09-581B-4167-8AEB-FA3B89625855}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{B1EEAC93-F801-48D6-AC66-3C2B14074556}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A41AF319-88AA-4D4D-B37C-DC812E678C7E}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{D6E05F4F-52FC-433B-B3AA-5E933AA99D67}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{FC01E046-1852-4524-A703-D2116F68448B}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{98587A68-0360-4057-8319-C1793D3D52A3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{E05D331A-6921-4271-9622-AD1F1B469ADA}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{294EE63A-E5AB-4C08-ACB0-5EFC9B0A1A25}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{A285D6A6-BA0F-4E71-A956-C798412A53E3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{3510B7E4-F0DA-4328-9444-37B49694C78D}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{885CCE20-D2D0-418E-A684-D7183BE6F03A}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{EA57B3A8-6643-4EC8-9958-191B7015BA39}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{63D24422-F0BD-417D-B1E8-CF6972A5B421}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{785E03D9-876A-4504-8699-B3C88F6788A2}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{77F70256-B007-40A4-81B2-A97C00F0F506}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{B98762E4-1E97-46D9-88C6-D42B3DB4BF78}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{1EAD28E8-83F0-4031-A147-39D05CC7FC11}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{5B288256-58A1-446F-A369-83F9BA1276F0}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7CF04991-30DC-4C5A-8CCA-7CA75906989E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{0FC51FDA-052A-480A-BBE0-FCE7DCD3416E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{D7590519-D3F1-49B2-8B6E-E9166910CB7B}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{BFD1D46B-0E6D-49C2-BA07-DB5EC992DD4E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{5E6FAF82-21B1-4AD6-A48C-E341ABA90A39}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{716992DF-C895-43E7-A1CA-E3FB78C59ACA}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

14-01-2017 09:55:29 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/14/2017 09:42:49 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume C:\ sind nicht aktiv.

Kontext: Windows Anwendung

Details:
Das Datenträgeränderungsjournal wird gelöscht. (HRESULT : 0x8007049a) (0x8007049a)

Error: (01/14/2017 01:16:34 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung Fehler in der Wiederherstellungsphase. beendet.

Kontext: Anwendung, SystemIndex Katalog

Details:
Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23)

Error: (01/14/2017 01:16:34 AM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Fehler-ID 1邐10 in der Wiederherstellungsphase von Windows Search. Bitte starten Sie den Dienst erneut. Wenn dieser Fehler weiterhin besteht, führen Sie eine Neuerstellung des Index aus.

Kontext: Anwendung, SystemIndex Katalog

Details:
Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23)

Error: (01/14/2017 01:05:00 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain: CreateSharedMemory() failed.
Session ID = 1

Error: (01/14/2017 01:05:00 AM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper
CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed
Last error = [0x00000102]
Session ID = 1

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmService
CreateApplicationList: dptfFrameworkHandle is NULL.

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmService
ConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService
ServiceMain: ServiceStart() failed.

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService
ServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyCriticalService
ConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]

Systemfehler:
=============
Error: (01/14/2017 01:15:43 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/14/2017 12:59:31 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/14/2017 12:52:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/13/2017 11:29:30 PM) (Source: BROWSER) (EventID: 8019) (User: )
Description: Der Suchdienst konnte sich nicht selbst zum Hauptsuchdienst heraufstufen. Der Suchdienst wird weiterhin
versuchen, sich selbst heraufzustufen, wird aber keine Ereignisse mehr protokollieren.

Error: (01/13/2017 10:23:39 PM) (Source: BROWSER) (EventID: 8020) (User: )
Description: Der Suchdienst konnte sich nicht selbst zur Funktion als Hauptsuchdienst heraufstufen.
Der Computer, der zurzeit die Funktion als Hauptsuchdienst erfüllt, ist unbekannt.

Error: (01/13/2017 04:56:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/12/2017 02:10:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:50:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:28:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "StartMenu8 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

CodeIntegrity:
===================================
Date: 2017-01-11 14:21:55.135
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-10 08:10:01.950
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-07 09:28:52.157
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:58:49.397
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:50:20.220
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:32:12.912
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:02:49.162
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-04 23:56:35.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-04 23:53:40.418
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-08 22:44:46.179
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8075.11 MB
Verfügbarer physikalischer RAM: 4241.54 MB
Summe virtueller Speicher: 19851.11 MB
Verfügbarer virtueller Speicher: 15422.34 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:8.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:121.98 GB) (Free:107.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FDF0BB21)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

[CODE
FRST Logfile:

	Code: 

 ATTFilter

  
	Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017
durchgeführt von W (Administrator) auf ASUS-KLEIN (14-01-2017 18:36:19)
Gestartet von C:\Users\W\Downloads
Geladene Profile: W (Verfügbare Profile: W & WalburgaA & WalburgaA_2)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111488 2015-11-15] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [911576 2013-10-30] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26287016 2017-01-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [26832 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup Tray] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [159568 2016-12-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Atheros Communications)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1475320 2015-03-19] (Research In Motion)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3023136 2016-12-16] (IObit)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\MountPoints2: {d9a05da4-94cf-11e5-829d-6c71d9ffbf53} - "E:\setup.exe" AUTORUN=1
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\MountPoints2: {f2ea754b-1321-11e5-8269-6c71d9ffbf53} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\Start.exe
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Tcpip\..\Interfaces\{DBD4E8A9-652A-4633-A57C-4B610E4BB4B8}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tageswoche.ch/
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.washingtonpost.com/
hxxp://www.huffingtonpost.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4242665128-3801008343-3756527368-1001 -> DefaultScope {81DDAEC8-19B8-466D-AF59-34C382FB834F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-4242665128-3801008343-3756527368-1001 -> {81DDAEC8-19B8-466D-AF59-34C382FB834F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default [2015-09-01]
FF user.js: detected! => C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default\user.js [2015-11-23]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mPyt7swg.default -> Google
FF Extension: (Avira Browser Safety) - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default\Extensions\abs@avira.com [2017-01-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-16] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.washingtonpost.com/
CHR StartupUrls: Default -> "hxxps://www.washingtonpost.com/?reload=true","hxxp://www.tageswoche.ch/","hxxp://www.huffingtonpost.com/politics/","hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxps://search.avira.net/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.net/suggestions?q={searchTerms}&li=ff&hl=de
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\Default [2017-01-14]
CHR Extension: (Google Präsentationen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Poper Blocker) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-01-11]
CHR Extension: (YouTube) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (TV) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2017-01-12]
CHR Extension: (Genius Web Annotator) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccaokncpmmjiakalbcfdbfmpcaiddjdn [2017-01-11]
CHR Extension: (Google-Suche) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-03-13]
CHR Extension: (Google Tabellen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Avira Browserschutz) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-29]
CHR Extension: („Pin it“-Button) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-11-03]
CHR Extension: (Awiedno) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkddnpkbopdohfcjcjalflagcmcnpmm [2017-01-12]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-01-03]
CHR Extension: (OldNewsFeed) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\jacjkeodiliklmpildjkfaciknopckaa [2015-03-13]
CHR Extension: (Cisco WebEx Extension) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-03-17]
CHR Extension: (CHIP Best Deal) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnbfipnegfmpbggccokgcmkokibpkdc [2016-12-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (True URL) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoeonoajkbigbemkbpklihoggklhblg [2017-01-09]
CHR Extension: (Adblock Pro) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-05-17]
CHR Extension: (Check My Links) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2015-11-10]
CHR Extension: (This Is Fake) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\peeibjiaceaafioopngfaneonhcdbmhb [2016-12-17]
CHR Extension: (Google Mail) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [1013024 2016-11-10] (IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1936672 2016-12-16] (IObit)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [299968 2017-01-04] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51504 2017-01-06] (Dropbox, Inc.)
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2015-11-15] (Intel Corporation)
S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2015-11-15] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2015-11-15] (Intel Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2016-03-13] (Intel Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.)
R3 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited)
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1077536 2016-12-05] (IObit)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35416 2016-12-13] (Avira Operations GmbH & Co. KG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4307192 2016-11-18] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2016-01-25] (ASUS Corporation)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
S3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2015-11-15] (Intel Corporation)
S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2015-11-15] (Intel Corporation)
S3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2015-11-15] (Intel Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [55784 2016-03-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2016-03-13] (Intel Corporation)
S3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50664 2016-03-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2016-03-13] (Intel Corporation)
R2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [183576 2016-10-27] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited) [Datei ist nicht signiert]
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-03-13] (Synaptics Incorporated)
R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-11-02] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-10-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 HWiNFO32; \??\C:\Users\W\AppData\Local\Temp\HWiNFO64A.SYS [X]
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]
S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-14 18:36 - 2017-01-14 18:36 - 02419200 _____ (Farbar) C:\Users\W\Downloads\FRST64.exe
2017-01-14 18:36 - 2017-01-14 18:36 - 00000000 ____D C:\Users\W\Downloads\FRST-OlderVersion
2017-01-14 18:34 - 2017-01-14 18:34 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-01-14 18:34 - 2017-01-14 18:34 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-01-14 01:01 - 2016-10-27 13:54 - 00183576 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2017-01-13 23:59 - 2017-01-13 23:59 - 00152354 _____ C:\Users\W\Downloads\quarantaene.txt
2017-01-13 22:23 - 2017-01-14 18:36 - 00032585 _____ C:\Users\W\Downloads\FRST.txt
2017-01-13 22:23 - 2017-01-13 22:44 - 00051895 _____ C:\Users\W\Downloads\Addition.txt
2017-01-13 16:53 - 2017-01-13 16:53 - 00000000 ____D C:\Users\W\AppData\Local\AviraSpeedup
2017-01-12 17:54 - 2017-01-12 17:54 - 00000890 _____ C:\Users\W\Downloads\170112 Avira log Events.txt
2017-01-12 17:08 - 2017-01-12 17:08 - 00051001 _____ C:\Users\W\Downloads\170112 scan log malware Addition.txt
2017-01-12 17:06 - 2017-01-12 17:06 - 00051001 _____ C:\Users\W\Desktop\Addition.txt
2017-01-12 17:05 - 2017-01-12 17:06 - 00056683 _____ C:\Users\W\Desktop\FRST.txt
2017-01-12 17:04 - 2017-01-14 18:36 - 00000000 ____D C:\FRST
2017-01-12 17:04 - 2017-01-12 17:04 - 02193920 _____ (Farbar) C:\Users\W\Desktop\FRST64.exe
2017-01-12 16:49 - 2017-01-12 16:49 - 00001066 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-01-12 16:44 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-01-12 16:44 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-01-12 16:43 - 2017-01-14 01:00 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-01-12 16:43 - 2017-01-12 16:43 - 00001230 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-12 16:43 - 2017-01-12 16:43 - 00001179 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2017-01-12 16:43 - 2017-01-12 16:43 - 00000000 ____D C:\Users\W\AppData\Local\Avira
2017-01-12 16:42 - 2017-01-12 16:42 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\W\Downloads\avira_en_fass0_5877a2f1825c4__ws.exe
2017-01-12 14:13 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2017-01-12 14:05 - 2017-01-12 14:05 - 00003156 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-01-12 14:05 - 2017-01-12 14:05 - 00001180 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-01-12 14:04 - 2017-01-12 14:05 - 00002318 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-01-12 14:04 - 2017-01-12 14:04 - 00003250 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2017-01-12 14:04 - 2017-01-12 14:04 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (W)
2017-01-12 09:05 - 2017-01-12 13:16 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleForW.job
2017-01-11 12:53 - 2017-01-14 01:01 - 00000062 _____ C:\Users\W\AppData\Roaming\sp_data.sys
2017-01-11 12:50 - 2017-01-14 00:43 - 00000240 _____ C:\Windows\Tasks\StartMenu8_Start.job
2017-01-11 12:50 - 2017-01-11 12:50 - 00002272 _____ C:\Windows\System32\Tasks\StartMenu8_Start
2017-01-11 12:50 - 2017-01-11 12:50 - 00001220 _____ C:\Users\Public\Desktop\Start Menu 8.lnk
2017-01-11 12:35 - 2017-01-11 12:37 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2017-01-11 12:35 - 2017-01-11 12:35 - 00000000 ____D C:\Users\W\AppData\Roaming\SuperBoost
2017-01-11 12:35 - 2017-01-11 12:35 - 00000000 ____D C:\ProgramData\SuperBoost
2017-01-11 12:27 - 2017-01-11 12:27 - 00000000 ____D C:\ProgramData\{EAAB5A83-3809-4B0E-83A6-E4B0DBF2157E}
2017-01-11 12:27 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2017-01-11 12:25 - 2017-01-11 12:25 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-11 12:25 - 2017-01-11 12:25 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-11 12:20 - 2017-01-11 12:20 - 04964352 _____ C:\Windows\system32\config\drivers.iobit
2017-01-11 12:19 - 2017-01-11 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-01-08 12:27 - 2017-01-08 12:27 - 00466653 _____ C:\Users\W\Documents\Scan0006.pdf
2017-01-08 12:26 - 2017-01-08 12:26 - 00434838 _____ C:\Users\W\Documents\Scan0005.pdf
2017-01-08 12:25 - 2017-01-08 12:25 - 00385621 _____ C:\Users\W\Documents\Scan0004.pdf
2017-01-08 12:24 - 2017-01-08 12:24 - 00350924 _____ C:\Users\W\Documents\Scan0003.pdf
2017-01-08 12:24 - 2017-01-08 12:24 - 00318462 _____ C:\Users\W\Documents\Scan0002.pdf
2017-01-08 12:23 - 2017-01-08 12:23 - 00328248 _____ C:\Users\W\Documents\Scan0001.pdf
2017-01-06 01:04 - 2017-01-06 01:04 - 00051504 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-01-03 13:19 - 2017-01-12 14:04 - 00268800 ___SH C:\Users\W\Desktop\Thumbs.db
2016-12-28 13:08 - 2016-12-28 13:09 - 95503176 _____ (IObit ) C:\Users\W\Downloads\asc-ultimate-setup-cnet.exe
2016-12-28 12:55 - 2017-01-12 13:55 - 00000000 ____D C:\Program Files (x86)\Dashlane
2016-12-28 12:50 - 2016-12-28 12:50 - 00040960 _____ C:\Windows\system32\config\SAM.iobit
2016-12-28 12:50 - 2016-12-28 12:50 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2016-12-28 12:49 - 2016-12-28 12:49 - 98074624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-12-28 12:49 - 2016-12-28 12:49 - 00339968 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-12-28 11:59 - 2016-12-28 11:59 - 00000000 ____D C:\ProgramData\BDLogging
2016-12-28 11:59 - 2016-11-02 19:11 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2016-12-28 11:58 - 2017-01-14 01:00 - 00002383 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate 10.lnk
2016-12-28 11:58 - 2017-01-14 00:40 - 00000270 _____ C:\Windows\Tasks\ASCU10_SkipUac_W.job
2016-12-28 11:58 - 2016-12-28 11:59 - 00003022 _____ C:\Windows\System32\Tasks\ASCU10_PerformanceMonitor
2016-12-28 11:58 - 2016-12-28 11:58 - 00002362 _____ C:\Windows\System32\Tasks\ASCU10_SkipUac_W
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2016-12-25 19:57 - 2016-12-25 19:57 - 00157123 _____ C:\Users\W\Desktop\15724685_1227749577273428_7927209070533867513_o.jpg
2016-12-25 10:13 - 2016-12-25 10:13 - 02964472 _____ (Google) C:\Users\W\Downloads\chrome_cleanup_tool.exe
2016-12-20 13:53 - 2016-12-20 13:53 - 00587805 _____ C:\Users\W\Documents\Scan.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-14 18:31 - 2015-05-15 14:32 - 00000000 ____D C:\Users\W\Documents\Outlook-Dateien
2017-01-14 09:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-01-14 09:42 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-01-14 01:26 - 2015-11-13 15:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-14 01:25 - 2015-03-13 18:15 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-01-14 01:24 - 2016-09-14 11:03 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-01-14 01:16 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-14 01:15 - 2015-03-16 21:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-14 01:10 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-14 01:09 - 2015-05-25 10:02 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-1001
2017-01-14 01:06 - 2014-05-16 00:55 - 00817442 _____ C:\Windows\system32\perfh00C.dat
2017-01-14 01:06 - 2014-05-16 00:55 - 00167144 _____ C:\Windows\system32\perfc00C.dat
2017-01-14 01:06 - 2014-05-16 00:45 - 00793698 _____ C:\Windows\system32\perfh007.dat
2017-01-14 01:06 - 2014-05-16 00:45 - 00168368 _____ C:\Windows\system32\perfc007.dat
2017-01-14 01:06 - 2014-03-18 16:26 - 02820038 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-14 01:00 - 2016-09-14 11:05 - 00000000 ___RD C:\Users\W\Dropbox
2017-01-14 00:59 - 2016-09-14 11:03 - 00001222 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-01-14 00:59 - 2015-03-13 18:10 - 00000000 ___DO C:\Users\W\OneDrive
2017-01-14 00:59 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-14 00:58 - 2015-06-14 08:14 - 00000000 ____D C:\Program Files (x86)\Avira
2017-01-14 00:55 - 2015-04-10 14:54 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-14 00:55 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-01-14 00:51 - 2015-06-14 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-13 07:15 - 2013-08-22 15:44 - 00488000 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-12 16:51 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-12 16:49 - 2015-06-14 08:14 - 00000000 ____D C:\ProgramData\Avira
2017-01-12 16:43 - 2014-10-15 20:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-12 14:05 - 2016-05-17 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-01-12 14:05 - 2015-05-25 22:26 - 00000000 ____D C:\ProgramData\ProductData
2017-01-12 14:04 - 2016-11-17 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-01-12 13:51 - 2015-03-14 19:09 - 00000000 ____D C:\Users\W\AppData\Local\ElevatedDiagnostics
2017-01-12 09:05 - 2016-07-14 18:29 - 00003144 _____ C:\Windows\System32\Tasks\HPCeeScheduleForW
2017-01-12 08:37 - 2015-03-29 15:41 - 00000000 ____D C:\Users\W\Desktop\klondike how tos
2017-01-12 08:30 - 2015-03-13 19:33 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 08:28 - 2015-03-13 19:33 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-12 07:43 - 2015-04-13 11:54 - 00000000 ____D C:\Users\W\Documents\Dies & Das
2017-01-11 20:32 - 2014-10-15 20:39 - 00000000 ____D C:\Windows\softwaredistribution.bak
2017-01-11 12:55 - 2015-04-10 14:54 - 00000000 ____D C:\ProgramData\IObit
2017-01-11 12:50 - 2015-04-10 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2017-01-11 12:24 - 2015-11-08 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2017-01-11 12:19 - 2016-09-14 11:03 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-01-11 07:26 - 2015-11-13 15:34 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 07:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 07:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-09 13:34 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W\AppData\Local\Packages
2017-01-08 23:00 - 2015-05-25 06:44 - 00000000 ____D C:\Users\W\Desktop\dies und das
2017-01-05 00:49 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W
2017-01-05 00:48 - 2016-07-06 14:00 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2017-01-05 00:48 - 2015-05-28 00:15 - 00000000 ____D C:\Users\W\AppData\Roaming\ProductData
2017-01-05 00:48 - 2015-04-10 14:56 - 00000000 ____D C:\Users\W\AppData\LocalLow\IObit
2017-01-05 00:48 - 2015-04-10 14:54 - 00000000 ____D C:\Users\W\AppData\Roaming\IObit
2017-01-05 00:48 - 2015-03-16 21:46 - 00000000 ____D C:\Users\WalburgaA_2
2017-01-05 00:48 - 2015-03-16 21:44 - 00000000 ____D C:\Users\WalburgaA
2017-01-05 00:48 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W\AppData\Local\ASUS
2017-01-05 00:48 - 2014-10-15 20:50 - 00000000 ____D C:\ProgramData\P4G
2017-01-05 00:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2017-01-05 00:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2017-01-05 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration
2017-01-03 13:19 - 2015-11-02 13:00 - 00000000 ____D C:\Users\W\Desktop\basel sell & buy
2016-12-29 08:28 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\catroot
2016-12-29 08:26 - 2015-04-27 14:39 - 00000000 ____D C:\Users\W\AppData\Roaming\Skype
2016-12-28 12:56 - 2015-04-27 14:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-28 12:56 - 2015-04-27 14:39 - 00000000 ____D C:\ProgramData\Skype
2016-12-28 12:56 - 2013-08-22 14:36 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-28 12:55 - 2016-11-17 09:22 - 00000389 _____ C:\Windows\Backup.ini
2016-12-28 12:48 - 2014-10-15 20:51 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-12-28 12:48 - 2014-10-15 20:51 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-28 12:48 - 2014-10-15 20:50 - 00000000 ____D C:\AsusVibeData
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Media Player
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Media Player
2016-12-28 12:46 - 2015-12-20 13:23 - 00000000 ___RD C:\Users\W\Documents\Scanned Documents
2016-12-28 12:46 - 2015-10-12 22:30 - 00000000 ____D C:\Users\W\AppData\Local\Viber
2016-12-28 12:46 - 2015-09-07 14:30 - 00000000 ____D C:\Users\W\AppData\Local\Information Factory
2016-12-28 12:46 - 2015-06-18 22:44 - 00000000 ____D C:\Users\W\Downloads\BLACKBERRY-827B
2016-12-28 12:46 - 2015-06-09 04:40 - 00000000 ____D C:\Users\WalburgaA\AppData\Local\CrashDumps
2016-12-28 12:46 - 2015-05-04 15:46 - 00000000 ____D C:\Users\W\AppData\Local\PDFCreator
2016-12-28 12:46 - 2015-04-13 15:24 - 00000000 ____D C:\Users\W\Documents\Jobs
2016-12-28 12:46 - 2015-04-13 15:23 - 00000000 ____D C:\Users\W\Documents\IT & Technik
2016-12-28 12:46 - 2015-04-13 14:51 - 00000000 ____D C:\Users\W\Documents\Global Health
2016-12-28 12:46 - 2015-04-13 11:56 - 00000000 ____D C:\Users\W\Documents\Finanzen alles
2016-12-28 12:46 - 2015-04-13 11:21 - 00000000 ____D C:\Users\W\Documents\WM privat
2016-12-28 12:46 - 2015-04-13 11:20 - 00000000 ____D C:\Users\W\Documents\ViberDownloads
2016-12-28 12:46 - 2015-04-13 10:18 - 00000000 ____D C:\Users\W\Documents\Travel
2016-12-28 12:46 - 2015-04-13 10:15 - 00000000 ____D C:\Users\W\Documents\Shopping
2016-12-28 12:46 - 2015-04-13 10:14 - 00000000 ____D C:\Users\W\Documents\pass & dokumente
2016-12-28 12:46 - 2015-04-13 10:11 - 00000000 ____D C:\Users\W\Documents\Küche & Keller
2016-12-28 12:46 - 2015-04-13 10:11 - 00000000 ____D C:\Users\W\Documents\Korrespondenz
2016-12-28 12:46 - 2015-03-16 21:46 - 00000000 ____D C:\Users\WalburgaA_2\AppData\Local\Temp
2016-12-28 12:46 - 2015-03-16 21:44 - 00000000 ____D C:\Users\WalburgaA\AppData\Local\Temp
2016-12-28 12:46 - 2015-03-13 19:51 - 00000000 ____D C:\Users\W\AppData\Local\CrashDumps
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Videos
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Music
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Links
2016-12-28 12:46 - 2014-10-15 20:42 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
2016-12-28 08:12 - 2015-09-07 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BalTax
2016-12-20 03:47 - 2015-05-25 06:52 - 00262144 _____ C:\Users\Public\NTUSER.DAT
2016-12-17 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-12-16 22:25 - 2015-05-15 17:20 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e
2016-12-16 22:25 - 2015-03-13 18:15 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 16:25 - 2015-03-13 18:15 - 00002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 16:25 - 2015-03-13 18:15 - 00002197 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-22 20:37 - 2017-01-05 00:27 - 0001001 _____ () C:\Users\W\AppData\Roaming\Rim.Desktop.Exception.log
2015-05-22 20:36 - 2015-05-22 20:36 - 0001111 _____ () C:\Users\W\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-05-22 20:37 - 2017-01-05 00:26 - 0001001 _____ () C:\Users\W\AppData\Roaming\Rim.DesktopHelper.Exception.log
2017-01-11 12:53 - 2017-01-14 01:01 - 0000062 _____ () C:\Users\W\AppData\Roaming\sp_data.sys
2015-08-01 15:11 - 2015-08-01 15:11 - 0005632 _____ () C:\Users\W\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-05 07:36 - 2016-12-05 07:37 - 0000000 _____ () C:\Users\W\AppData\Local\{AA28E808-D671-4703-8CEF-BBE7E3053563}
2016-07-06 14:05 - 2016-07-06 14:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-05-15 16:58 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-15 16:58 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-15 16:58 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Einige Dateien in TEMP:
====================
C:\Users\WalburgaA_2\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-09 05:29

==================== Ende von FRST.txt ============================
         
 --- --- ---
]

wma927 · 14.01.2017, 18:46

bitte letzte nachricht ignorieren - DIES sind die richtigen Logs:

[CODE]Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-01-2017
durchgeführt von W (14-01-2017 18:42:52)
Gestartet von C:\Users\W\Downloads
Windows 8.1 (Update) (X64) (2015-03-13 17:07:21)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4242665128-3801008343-3756527368-500 - Administrator - Disabled)
Gast (S-1-5-21-4242665128-3801008343-3756527368-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4242665128-3801008343-3756527368-1003 - Limited - Enabled)
W (S-1-5-21-4242665128-3801008343-3756527368-1001 - Administrator - Enabled) => C:\Users\W
WalburgaA (S-1-5-21-4242665128-3801008343-3756527368-1004 - Limited - Enabled) => C:\Users\WalburgaA
WalburgaA_2 (S-1-5-21-4242665128-3801008343-3756527368-1005 - Limited - Enabled) => C:\Users\WalburgaA_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Advanced SystemCare Ultimate (Disabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 9 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 7.0.3 - IObit)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 20.2.145.43581 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 20.2.145.43581 - Alcor Micro Corp.) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avira Connect (HKLM-x32\...\{845380e2-f0b5-4584-bc40-cc54345b3c06}) (Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.41287 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.2.3.19655 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.1.0.4242 - Avira Operations GmbH & Co. KG)
BalTax 2014 10.3.0 (HKLM-x32\...\6456-0709-2578-5305) (Version: 10.3.0 - Information Factory AG)
BlackBerry 10 Desktop Software (HKLM-x32\...\{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.3.0 - Conexant)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 17.4.33 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.1.0.418 - IObit)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA Graphics Driver 332.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.4.0 - IObit)
Spotify (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.1.2 - IObit)
Viber (HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0342BFFA-1607-4B26-A43C-C4AA152AA97C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {0FEE4DC3-3CAA-479F-9417-6AF1D462FAEF} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-11-21] (IObit)
Task: {10C22233-22D1-4985-83D7-26EA6DCDBCEA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {1401C5ED-FB6B-4CC7-ACA4-1B63F7BE8D66} - System32\Tasks\ASCU10_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2016-12-14] (IObit)
Task: {160B2967-201E-4798-AF01-110AA11799C4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {1B188FBC-CBE6-45C3-A213-D566E6BBCFB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {1E8610D1-DAAD-45EE-AEF9-60CF36C57CF4} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {246C0A6B-6A80-442C-A94D-5FBCCBD34064} - \Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-500 -> Keine Datei <==== ACHTUNG
Task: {2910A9B7-00AD-4EEB-B6C9-927B25E7E0E9} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [2016-11-15] ()
Task: {2C3EBB37-E372-47BF-AA9B-7344DB5F624D} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {2D3F43BE-DB01-43CC-B9FF-47575B2433F1} - System32\Tasks\ASCU8_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: {2EA02241-0B03-408F-B83B-7C902900B8FF} - System32\Tasks\Uninstaller_SkipUac_W => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-11-04] (IObit)
Task: {364E78CB-8F52-46BE-B238-EC7BF0F7960C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {39608701-DBEC-4F19-8A9F-2B3FD009FCF3} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {3DBB24AE-FDCE-4666-BC02-9FDB77BFF611} - System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {3DD3B6F9-E321-4828-A255-7D7F6CECE88D} - System32\Tasks\HPCeeScheduleForW => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {40831A6D-1DBD-4094-8BDC-DB6537DF6ACC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {4695E224-12EF-44AD-AE15-C75A4DB9C1D6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {4845DFF6-45BE-4901-A88B-766B40B6C531} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {48DFFBFB-C1E4-43FB-AAB0-772F322E9EE4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-12] (Microsoft Corporation)
Task: {4C904833-F10F-42DD-B018-9099D51B5A86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5110E657-D3DD-416A-96ED-FB9A4021657D} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] ()
Task: {54FD2185-D0BC-4F2D-9568-029537E6B572} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {550A1FE6-D5EF-4F39-9559-B9ED09BA2F7B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {5A608E78-575C-41FA-ABFD-339F9A1A1EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.)
Task: {5CA7B546-0C0E-41B5-A83C-61A8B2F9FE8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {5EA0F6CA-D44B-47E5-A977-C631BE9750D4} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {6B06E695-1468-45F2-8107-2002312A5B8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {7A92A124-AB57-4689-BDC1-D338DCAF4A61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {83CA6AC7-F7C8-4DC2-8F60-BBC037B4AA48} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {855DE6AB-33A8-400D-939E-7BE1F1AE7654} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {86178183-17F5-4BA7-BC6E-4E390CF63EDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {8644FDE7-79EA-43C5-97D6-934D3EBD2566} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-14] (Dropbox, Inc.)
Task: {89E5B5A1-C55F-4BE2-9370-A2CD7CA15B12} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {AC1AE724-565B-440F-9D99-64BD1870B476} - System32\Tasks\{C899D39E-45DD-45B2-A29B-4C51F80917CF} => pcalua.exe -a E:\setup.exe -d E:\
Task: {B1808870-E8C8-4B57-98C3-8D4B26BE2E01} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {B7B5D5D0-1713-4348-B0A7-E98675483F7C} - System32\Tasks\Driver Booster SkipUAC (W) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {B80C527B-82B1-4B34-B2ED-109A7D3EA85B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {C733BA11-DEE8-44A5-BF13-A08E1F4ACD3A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {D3B1AE45-944C-42A6-A96E-EC986892BE4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {D4211F9A-2116-4A21-8804-557BCD1141BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {DAD6039A-7170-48A1-8431-23477DAF2D3E} - System32\Tasks\ASCU10_SkipUac_W => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [2016-12-16] (IObit)
Task: {E8068A8A-1B36-4C21-B476-11564C67DC2C} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-07-22] (IObit)
Task: {F5AE5400-C680-4B8E-AFEE-ADC6CA9BA7C7} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ASCU10_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe
Task: C:\Windows\Tasks\ASCU8_SkipUac_W.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForW.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_W.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-10-15 20:39 - 2014-01-08 01:48 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2013-11-28 22:35 - 2013-11-28 22:35 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-11-28 22:32 - 2013-11-28 22:32 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-28 22:38 - 2013-11-28 22:38 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-03-19 12:01 - 2015-03-19 12:01 - 00688888 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2014-02-24 11:59 - 2014-02-24 11:59 - 00109056 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSHomeCloudAPI.dll
2017-01-14 01:14 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-12-04 10:19 - 2016-06-21 19:30 - 00442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2016-12-04 10:19 - 2016-06-21 19:29 - 00059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madExcept_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madBasic_.bpl
2016-12-28 11:58 - 2016-08-18 18:43 - 00059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madDisAsm_.bpl
2016-12-28 11:58 - 2016-11-01 10:11 - 00078624 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\GetProcessDLL.dll
2017-01-12 14:05 - 2016-01-11 17:03 - 00899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2017-01-12 14:05 - 2016-01-11 17:02 - 00630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2013-09-09 18:23 - 2013-09-09 18:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-10-08 20:41 - 2013-10-08 20:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2017-01-11 12:50 - 2015-12-29 11:30 - 00355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2017-01-11 12:50 - 2015-12-29 11:29 - 00190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2017-01-11 12:50 - 2015-12-29 11:30 - 00057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2017-01-11 12:50 - 2015-12-29 11:30 - 00275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2017-01-11 12:50 - 2015-12-29 11:30 - 00059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2017-01-11 12:50 - 2016-10-20 09:59 - 00631072 _____ () C:\Program Files (x86)\IObit\Classic Start\ProductStatistics.dll
2017-01-11 12:50 - 2015-12-29 11:31 - 00047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2015-03-19 15:29 - 2015-03-19 15:29 - 00055032 _____ () C:\Program Files (x86)\Common Files\XCPCSync.OEM\SyncSDK.209.604\Translators\MSOl\rMSOLDE.dll
2015-03-19 11:22 - 2015-03-19 11:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 16:25 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2016-09-14 11:04 - 2016-12-08 02:00 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-01-11 12:19 - 2016-12-08 02:01 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-14 11:04 - 2016-12-08 02:04 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-14 11:04 - 2016-12-08 02:00 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-14 11:04 - 2016-12-08 02:01 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00021328 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00052032 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-01-11 12:19 - 2016-12-08 02:00 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-01-11 12:19 - 2016-12-08 02:04 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00026464 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-14 11:04 - 2016-12-08 02:02 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-01-11 12:19 - 2017-01-06 01:03 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00023384 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00019792 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00022360 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00024400 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-01-11 12:19 - 2016-12-08 01:57 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-01-11 12:19 - 2017-01-06 01:03 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-01-11 12:19 - 2017-01-06 01:04 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-14 11:04 - 2016-12-08 02:01 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00020296 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2017-01-11 12:19 - 2016-12-08 02:08 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-01-11 12:19 - 2016-12-08 02:08 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-01-11 12:19 - 2017-01-06 01:04 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-14 11:04 - 2016-12-08 02:04 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-14 11:04 - 2017-01-06 01:04 - 00024920 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-01-11 12:19 - 2017-01-06 01:04 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-12-28 11:58 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\webres.dll
2016-12-28 11:58 - 2016-11-09 14:35 - 00631072 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ProductStatistics.dll
2014-10-15 20:35 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-11 18:59 - 2017-01-11 18:59 - 17835096 _____ () C:\Users\W\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
2016-12-04 10:19 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2016-12-04 10:19 - 2016-09-26 13:59 - 00631072 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2016-09-20 02:23 - 2016-09-20 02:23 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-05-03 03:28 - 2015-05-03 03:28 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2017-01-14 01:15 - 2017-01-14 01:15 - 01041608 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\W\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dc 2009 cherry blossom.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Swiss Media Research =>
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\StartupApproved\Run: => "Swiss Media Research"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{691CF345-DD69-404F-AF5D-6F4559782239}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{20468303-425B-4EEF-9CF2-CB9B667877CF}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{A36E65A0-12AE-401F-B4EB-772BF0F8E1E9}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{77F93656-1433-4630-BD7C-E720231F1DC5}] => C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{1DE267D5-A1AF-46D6-BB84-678F68CC5E84}] => LPort=4481
FirewallRules: [{22584053-CCF2-48FA-B4DB-17B85D4A4D99}] => LPort=4481
FirewallRules: [{FE52E7C5-DA41-41EA-BA15-E3AAEA4110AD}] => LPort=4482
FirewallRules: [{AD828279-8620-49EF-8955-492B1B2F638B}] => LPort=4482
FirewallRules: [TCP Query User{82BDC133-2312-4BAF-8D46-7D68548E2438}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{25AB6BF8-A186-488E-B239-C6FB6BFECC7C}C:\users\w\appdata\roaming\spotify\spotify.exe] => C:\users\w\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4CF7D7C9-3290-48FB-8336-CC4EDBF77924}] => C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{DA5E6717-0863-4AD6-8CB4-E350F6941D2F}] => C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{94312F5D-797E-4DD8-B3BB-540277322EA7}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{6C4FBF2E-085C-47B2-B693-E39F9920408B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{A32968A8-76A3-4228-AF59-4C0EEA8FB02C}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{29C75D54-A4F9-4459-9812-1936D981D03F}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [TCP Query User{C1E0DF48-FF76-4E7B-8FC9-AB3F0FC95967}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3601AE15-869E-48B2-AFCE-55E105C11061}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C3620875-5C70-4145-B20F-5293F40C2FF0}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BC0F178A-5676-4D57-BE7F-50804D499185}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{6EB504D7-AA49-4638-A3A0-50F3D0ADB71F}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A125D56A-2E3C-458F-A69C-9E4B14FAF15B}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{AA9B8A09-581B-4167-8AEB-FA3B89625855}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{B1EEAC93-F801-48D6-AC66-3C2B14074556}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A41AF319-88AA-4D4D-B37C-DC812E678C7E}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{D6E05F4F-52FC-433B-B3AA-5E933AA99D67}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{FC01E046-1852-4524-A703-D2116F68448B}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{98587A68-0360-4057-8319-C1793D3D52A3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{E05D331A-6921-4271-9622-AD1F1B469ADA}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{294EE63A-E5AB-4C08-ACB0-5EFC9B0A1A25}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{A285D6A6-BA0F-4E71-A956-C798412A53E3}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{3510B7E4-F0DA-4328-9444-37B49694C78D}] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{885CCE20-D2D0-418E-A684-D7183BE6F03A}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{EA57B3A8-6643-4EC8-9958-191B7015BA39}] => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{63D24422-F0BD-417D-B1E8-CF6972A5B421}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{785E03D9-876A-4504-8699-B3C88F6788A2}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{77F70256-B007-40A4-81B2-A97C00F0F506}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{B98762E4-1E97-46D9-88C6-D42B3DB4BF78}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{1EAD28E8-83F0-4031-A147-39D05CC7FC11}] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{5B288256-58A1-446F-A369-83F9BA1276F0}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7CF04991-30DC-4C5A-8CCA-7CA75906989E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{0FC51FDA-052A-480A-BBE0-FCE7DCD3416E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{D7590519-D3F1-49B2-8B6E-E9166910CB7B}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{BFD1D46B-0E6D-49C2-BA07-DB5EC992DD4E}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{5E6FAF82-21B1-4AD6-A48C-E341ABA90A39}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{716992DF-C895-43E7-A1CA-E3FB78C59ACA}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

14-01-2017 09:55:29 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/14/2017 09:42:49 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume C:\ sind nicht aktiv.

Kontext: Windows Anwendung

Details:
Das Datenträgeränderungsjournal wird gelöscht. (HRESULT : 0x8007049a) (0x8007049a)

Error: (01/14/2017 01:16:34 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung Fehler in der Wiederherstellungsphase. beendet.

Kontext: Anwendung, SystemIndex Katalog

Details:
Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23)

Error: (01/14/2017 01:16:34 AM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Fehler-ID 1邐10 in der Wiederherstellungsphase von Windows Search. Bitte starten Sie den Dienst erneut. Wenn dieser Fehler weiterhin besteht, führen Sie eine Neuerstellung des Index aus.

Kontext: Anwendung, SystemIndex Katalog

Details:
Gatherer wird heruntergefahren. (HRESULT : 0x80040d23) (0x80040d23)

Error: (01/14/2017 01:05:00 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain: CreateSharedMemory() failed.
Session ID = 1

Error: (01/14/2017 01:05:00 AM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper
CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed
Last error = [0x00000102]
Session ID = 1

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyLpmService
CreateApplicationList: dptfFrameworkHandle is NULL.

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmService
ConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService
ServiceMain: ServiceStart() failed.

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyCriticalService
ServiceStart: ConnectToDptfFrameworkDriver() failed.

Error: (01/14/2017 12:59:10 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyCriticalService
ConnectToDptfFrameworkDriver: SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]

Systemfehler:
=============
Error: (01/14/2017 01:15:43 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/14/2017 12:59:31 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/14/2017 12:52:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/13/2017 11:29:30 PM) (Source: BROWSER) (EventID: 8019) (User: )
Description: Der Suchdienst konnte sich nicht selbst zum Hauptsuchdienst heraufstufen. Der Suchdienst wird weiterhin
versuchen, sich selbst heraufzustufen, wird aber keine Ereignisse mehr protokollieren.

Error: (01/13/2017 10:23:39 PM) (Source: BROWSER) (EventID: 8020) (User: )
Description: Der Suchdienst konnte sich nicht selbst zur Funktion als Hauptsuchdienst heraufstufen.
Der Computer, der zurzeit die Funktion als Hauptsuchdienst erfüllt, ist unbekannt.

Error: (01/13/2017 04:56:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/12/2017 02:10:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:50:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:28:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IMF Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/11/2017 12:27:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "StartMenu8 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

CodeIntegrity:
===================================
Date: 2017-01-11 14:21:55.135
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-10 08:10:01.950
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-07 09:28:52.157
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:58:49.397
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:50:20.220
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:32:12.912
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-05 00:02:49.162
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-04 23:56:35.478
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-04 23:53:40.418
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-08 22:44:46.179
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RimUsb_AMD64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 55%
Installierter physikalischer RAM: 8075.11 MB
Verfügbarer physikalischer RAM: 3624.53 MB
Summe virtueller Speicher: 19851.11 MB
Verfügbarer virtueller Speicher: 14706.99 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:8.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:121.98 GB) (Free:107.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: FDF0BB21)

Partition: GPT.

==================== Ende von Addition.txt ============================[CODE]

[CODE]Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017
durchgeführt von W (Administrator) auf ASUS-KLEIN (14-01-2017 18:42:33)
Gestartet von C:\Users\W\Downloads
Geladene Profile: W (Verfügbare Profile: W & WalburgaA & WalburgaA_2)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe
(Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvWsc.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111488 2015-11-15] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [911576 2013-10-30] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26287016 2017-01-06] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [26832 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup Tray] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [159568 2016-12-13] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Atheros Communications)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1475320 2015-03-19] (Research In Motion)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27017856 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3023136 2016-12-16] (IObit)
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\MountPoints2: {d9a05da4-94cf-11e5-829d-6c71d9ffbf53} - "E:\setup.exe" AUTORUN=1
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\...\MountPoints2: {f2ea754b-1321-11e5-8269-6c71d9ffbf53} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\Start.exe
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Tcpip\..\Interfaces\{DBD4E8A9-652A-4633-A57C-4B610E4BB4B8}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tageswoche.ch/
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4242665128-3801008343-3756527368-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.washingtonpost.com/
hxxp://www.huffingtonpost.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4242665128-3801008343-3756527368-1001 -> DefaultScope {81DDAEC8-19B8-466D-AF59-34C382FB834F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-4242665128-3801008343-3756527368-1001 -> {81DDAEC8-19B8-466D-AF59-34C382FB834F} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default [2015-09-01]
FF user.js: detected! => C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default\user.js [2015-11-23]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mPyt7swg.default -> Google
FF Extension: (Avira Browser Safety) - C:\Users\W\AppData\Roaming\Mozilla\Firefox\Profiles\mPyt7swg.default\Extensions\abs@avira.com [2017-01-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-16] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.washingtonpost.com/
CHR StartupUrls: Default -> "hxxps://www.washingtonpost.com/?reload=true","hxxp://www.tageswoche.ch/","hxxp://www.huffingtonpost.com/politics/","hxxps://www.facebook.com/"
CHR DefaultSearchURL: Default -> hxxps://search.avira.net/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.net/suggestions?q={searchTerms}&li=ff&hl=de
CHR Profile: C:\Users\W\AppData\Local\Google\Chrome\User Data\Default [2017-01-14]
CHR Extension: (Google Präsentationen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-13]
CHR Extension: (Google Docs) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-13]
CHR Extension: (Google Drive) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Poper Blocker) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-01-11]
CHR Extension: (YouTube) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (TV) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2017-01-12]
CHR Extension: (Genius Web Annotator) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccaokncpmmjiakalbcfdbfmpcaiddjdn [2017-01-11]
CHR Extension: (Google-Suche) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-03-13]
CHR Extension: (Google Tabellen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-13]
CHR Extension: (Avira Browserschutz) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-29]
CHR Extension: („Pin it“-Button) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-11-03]
CHR Extension: (Awiedno) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkddnpkbopdohfcjcjalflagcmcnpmm [2017-01-12]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-01-03]
CHR Extension: (OldNewsFeed) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\jacjkeodiliklmpildjkfaciknopckaa [2015-03-13]
CHR Extension: (Cisco WebEx Extension) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-03-17]
CHR Extension: (CHIP Best Deal) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnbfipnegfmpbggccokgcmkokibpkdc [2016-12-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (True URL) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\npoeonoajkbigbemkbpklihoggklhblg [2017-01-09]
CHR Extension: (Adblock Pro) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-05-17]
CHR Extension: (Check My Links) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2015-11-10]
CHR Extension: (This Is Fake) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\peeibjiaceaafioopngfaneonhcdbmhb [2016-12-17]
CHR Extension: (Google Mail) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\W\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [1013024 2016-11-10] (IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1936672 2016-12-16] (IObit)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [299968 2017-01-04] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-14] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51504 2017-01-06] (Dropbox, Inc.)
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2015-11-15] (Intel Corporation)
S2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2015-11-15] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2015-11-15] (Intel Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2016-03-13] (Intel Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.)
R3 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited)
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1077536 2016-12-05] (IObit)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35416 2016-12-13] (Avira Operations GmbH & Co. KG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4307192 2016-11-18] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2016-01-25] (ASUS Corporation)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
S3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2015-11-15] (Intel Corporation)
S3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2015-11-15] (Intel Corporation)
S3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2015-11-15] (Intel Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [55784 2016-03-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2016-03-13] (Intel Corporation)
S3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [50664 2016-03-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2016-03-13] (Intel Corporation)
R2 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [183576 2016-10-27] (BitDefender LLC)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited) [Datei ist nicht signiert]
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-03-13] (Synaptics Incorporated)
R3 Trufos; C:\Windows\System32\DRIVERS\TRUFOS.sys [520032 2016-11-02] (BitDefender S.R.L.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-10-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 HWiNFO32; \??\C:\Users\W\AppData\Local\Temp\HWiNFO64A.SYS [X]
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]
S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-14 18:36 - 2017-01-14 18:36 - 02419200 _____ (Farbar) C:\Users\W\Downloads\FRST64.exe
2017-01-14 18:36 - 2017-01-14 18:36 - 00000000 ____D C:\Users\W\Downloads\FRST-OlderVersion
2017-01-14 18:34 - 2017-01-14 18:34 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2017-01-14 18:34 - 2017-01-14 18:34 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2017-01-14 01:01 - 2016-10-27 13:54 - 00183576 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2017-01-13 23:59 - 2017-01-13 23:59 - 00152354 _____ C:\Users\W\Downloads\quarantaene.txt
2017-01-13 22:23 - 2017-01-14 18:42 - 00032629 _____ C:\Users\W\Downloads\FRST.txt
2017-01-13 22:23 - 2017-01-14 18:37 - 00050030 _____ C:\Users\W\Downloads\Addition.txt
2017-01-13 16:53 - 2017-01-13 16:53 - 00000000 ____D C:\Users\W\AppData\Local\AviraSpeedup
2017-01-12 17:54 - 2017-01-12 17:54 - 00000890 _____ C:\Users\W\Downloads\170112 Avira log Events.txt
2017-01-12 17:08 - 2017-01-12 17:08 - 00051001 _____ C:\Users\W\Downloads\170112 scan log malware Addition.txt
2017-01-12 17:06 - 2017-01-12 17:06 - 00051001 _____ C:\Users\W\Desktop\Addition.txt
2017-01-12 17:05 - 2017-01-12 17:06 - 00056683 _____ C:\Users\W\Desktop\FRST.txt
2017-01-12 17:04 - 2017-01-14 18:42 - 00000000 ____D C:\FRST
2017-01-12 17:04 - 2017-01-12 17:04 - 02193920 _____ (Farbar) C:\Users\W\Desktop\FRST64.exe
2017-01-12 16:49 - 2017-01-12 16:49 - 00001066 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2017-01-12 16:44 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-01-12 16:44 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-01-12 16:43 - 2017-01-14 01:00 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-01-12 16:43 - 2017-01-12 16:43 - 00001230 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-01-12 16:43 - 2017-01-12 16:43 - 00001179 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2017-01-12 16:43 - 2017-01-12 16:43 - 00000000 ____D C:\Users\W\AppData\Local\Avira
2017-01-12 16:42 - 2017-01-12 16:42 - 04581024 _____ (Avira Operations GmbH & Co. KG) C:\Users\W\Downloads\avira_en_fass0_5877a2f1825c4__ws.exe
2017-01-12 14:13 - 2016-03-25 14:33 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2017-01-12 14:05 - 2017-01-12 14:05 - 00003156 _____ C:\Windows\System32\Tasks\SmartDefrag_AutoAnalyze
2017-01-12 14:05 - 2017-01-12 14:05 - 00001180 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk
2017-01-12 14:04 - 2017-01-12 14:05 - 00002318 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-01-12 14:04 - 2017-01-12 14:04 - 00003250 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2017-01-12 14:04 - 2017-01-12 14:04 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (W)
2017-01-12 09:05 - 2017-01-12 13:16 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleForW.job
2017-01-11 12:53 - 2017-01-14 01:01 - 00000062 _____ C:\Users\W\AppData\Roaming\sp_data.sys
2017-01-11 12:50 - 2017-01-14 00:43 - 00000240 _____ C:\Windows\Tasks\StartMenu8_Start.job
2017-01-11 12:50 - 2017-01-11 12:50 - 00002272 _____ C:\Windows\System32\Tasks\StartMenu8_Start
2017-01-11 12:50 - 2017-01-11 12:50 - 00001220 _____ C:\Users\Public\Desktop\Start Menu 8.lnk
2017-01-11 12:35 - 2017-01-11 12:37 - 00000000 ____D C:\Program Files (x86)\SuperBoost
2017-01-11 12:35 - 2017-01-11 12:35 - 00000000 ____D C:\Users\W\AppData\Roaming\SuperBoost
2017-01-11 12:35 - 2017-01-11 12:35 - 00000000 ____D C:\ProgramData\SuperBoost
2017-01-11 12:27 - 2017-01-11 12:27 - 00000000 ____D C:\ProgramData\{EAAB5A83-3809-4B0E-83A6-E4B0DBF2157E}
2017-01-11 12:27 - 2016-03-22 11:02 - 00021360 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2017-01-11 12:25 - 2017-01-11 12:25 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-11 12:25 - 2017-01-11 12:25 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-11 12:20 - 2017-01-11 12:20 - 04964352 _____ C:\Windows\system32\config\drivers.iobit
2017-01-11 12:19 - 2017-01-11 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-01-08 12:27 - 2017-01-08 12:27 - 00466653 _____ C:\Users\W\Documents\Scan0006.pdf
2017-01-08 12:26 - 2017-01-08 12:26 - 00434838 _____ C:\Users\W\Documents\Scan0005.pdf
2017-01-08 12:25 - 2017-01-08 12:25 - 00385621 _____ C:\Users\W\Documents\Scan0004.pdf
2017-01-08 12:24 - 2017-01-08 12:24 - 00350924 _____ C:\Users\W\Documents\Scan0003.pdf
2017-01-08 12:24 - 2017-01-08 12:24 - 00318462 _____ C:\Users\W\Documents\Scan0002.pdf
2017-01-08 12:23 - 2017-01-08 12:23 - 00328248 _____ C:\Users\W\Documents\Scan0001.pdf
2017-01-06 01:04 - 2017-01-06 01:04 - 00051504 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-01-03 13:19 - 2017-01-12 14:04 - 00268800 ___SH C:\Users\W\Desktop\Thumbs.db
2016-12-28 13:08 - 2016-12-28 13:09 - 95503176 _____ (IObit ) C:\Users\W\Downloads\asc-ultimate-setup-cnet.exe
2016-12-28 12:55 - 2017-01-12 13:55 - 00000000 ____D C:\Program Files (x86)\Dashlane
2016-12-28 12:50 - 2016-12-28 12:50 - 00040960 _____ C:\Windows\system32\config\SAM.iobit
2016-12-28 12:50 - 2016-12-28 12:50 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2016-12-28 12:49 - 2016-12-28 12:49 - 98074624 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-12-28 12:49 - 2016-12-28 12:49 - 00339968 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-12-28 11:59 - 2016-12-28 11:59 - 00000000 ____D C:\ProgramData\BDLogging
2016-12-28 11:59 - 2016-11-02 19:11 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2016-12-28 11:58 - 2017-01-14 18:42 - 00002383 _____ C:\Users\Public\Desktop\Advanced SystemCare Ultimate 10.lnk
2016-12-28 11:58 - 2017-01-14 00:40 - 00000270 _____ C:\Windows\Tasks\ASCU10_SkipUac_W.job
2016-12-28 11:58 - 2016-12-28 11:59 - 00003022 _____ C:\Windows\System32\Tasks\ASCU10_PerformanceMonitor
2016-12-28 11:58 - 2016-12-28 11:58 - 00002362 _____ C:\Windows\System32\Tasks\ASCU10_SkipUac_W
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2016-12-28 11:58 - 2016-12-28 11:58 - 00000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2016-12-25 19:57 - 2016-12-25 19:57 - 00157123 _____ C:\Users\W\Desktop\15724685_1227749577273428_7927209070533867513_o.jpg
2016-12-25 10:13 - 2016-12-25 10:13 - 02964472 _____ (Google) C:\Users\W\Downloads\chrome_cleanup_tool.exe
2016-12-20 13:53 - 2016-12-20 13:53 - 00587805 _____ C:\Users\W\Documents\Scan.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-14 18:31 - 2015-05-15 14:32 - 00000000 ____D C:\Users\W\Documents\Outlook-Dateien
2017-01-14 09:44 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-01-14 09:42 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-01-14 01:26 - 2015-11-13 15:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-14 01:25 - 2015-03-13 18:15 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-01-14 01:24 - 2016-09-14 11:03 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-01-14 01:16 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-14 01:15 - 2015-03-16 21:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-14 01:10 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-14 01:09 - 2015-05-25 10:02 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4242665128-3801008343-3756527368-1001
2017-01-14 01:06 - 2014-05-16 00:55 - 00817442 _____ C:\Windows\system32\perfh00C.dat
2017-01-14 01:06 - 2014-05-16 00:55 - 00167144 _____ C:\Windows\system32\perfc00C.dat
2017-01-14 01:06 - 2014-05-16 00:45 - 00793698 _____ C:\Windows\system32\perfh007.dat
2017-01-14 01:06 - 2014-05-16 00:45 - 00168368 _____ C:\Windows\system32\perfc007.dat
2017-01-14 01:06 - 2014-03-18 16:26 - 02820038 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-14 01:00 - 2016-09-14 11:05 - 00000000 ___RD C:\Users\W\Dropbox
2017-01-14 00:59 - 2016-09-14 11:03 - 00001222 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-01-14 00:59 - 2015-03-13 18:10 - 00000000 ___DO C:\Users\W\OneDrive
2017-01-14 00:59 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-14 00:58 - 2015-06-14 08:14 - 00000000 ____D C:\Program Files (x86)\Avira
2017-01-14 00:55 - 2015-04-10 14:54 - 00000000 ____D C:\Program Files (x86)\IObit
2017-01-14 00:55 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-01-14 00:51 - 2015-06-14 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-01-13 07:15 - 2013-08-22 15:44 - 00488000 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-12 16:51 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-12 16:49 - 2015-06-14 08:14 - 00000000 ____D C:\ProgramData\Avira
2017-01-12 16:43 - 2014-10-15 20:48 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-12 14:05 - 2016-05-17 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2017-01-12 14:05 - 2015-05-25 22:26 - 00000000 ____D C:\ProgramData\ProductData
2017-01-12 14:04 - 2016-11-17 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-01-12 13:51 - 2015-03-14 19:09 - 00000000 ____D C:\Users\W\AppData\Local\ElevatedDiagnostics
2017-01-12 09:05 - 2016-07-14 18:29 - 00003144 _____ C:\Windows\System32\Tasks\HPCeeScheduleForW
2017-01-12 08:37 - 2015-03-29 15:41 - 00000000 ____D C:\Users\W\Desktop\klondike how tos
2017-01-12 08:30 - 2015-03-13 19:33 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 08:28 - 2015-03-13 19:33 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-12 07:43 - 2015-04-13 11:54 - 00000000 ____D C:\Users\W\Documents\Dies & Das
2017-01-11 20:32 - 2014-10-15 20:39 - 00000000 ____D C:\Windows\softwaredistribution.bak
2017-01-11 12:55 - 2015-04-10 14:54 - 00000000 ____D C:\ProgramData\IObit
2017-01-11 12:50 - 2015-04-10 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2017-01-11 12:24 - 2015-11-08 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2017-01-11 12:19 - 2016-09-14 11:03 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-01-11 07:26 - 2015-11-13 15:34 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 07:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 07:26 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-09 13:34 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W\AppData\Local\Packages
2017-01-08 23:00 - 2015-05-25 06:44 - 00000000 ____D C:\Users\W\Desktop\dies und das
2017-01-05 00:49 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W
2017-01-05 00:48 - 2016-07-06 14:00 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2017-01-05 00:48 - 2015-05-28 00:15 - 00000000 ____D C:\Users\W\AppData\Roaming\ProductData
2017-01-05 00:48 - 2015-04-10 14:56 - 00000000 ____D C:\Users\W\AppData\LocalLow\IObit
2017-01-05 00:48 - 2015-04-10 14:54 - 00000000 ____D C:\Users\W\AppData\Roaming\IObit
2017-01-05 00:48 - 2015-03-16 21:46 - 00000000 ____D C:\Users\WalburgaA_2
2017-01-05 00:48 - 2015-03-16 21:44 - 00000000 ____D C:\Users\WalburgaA
2017-01-05 00:48 - 2015-03-13 18:07 - 00000000 ____D C:\Users\W\AppData\Local\ASUS
2017-01-05 00:48 - 2014-10-15 20:50 - 00000000 ____D C:\ProgramData\P4G
2017-01-05 00:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2017-01-05 00:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\oobe
2017-01-05 00:47 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration
2017-01-03 13:19 - 2015-11-02 13:00 - 00000000 ____D C:\Users\W\Desktop\basel sell & buy
2016-12-29 08:28 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\catroot
2016-12-29 08:26 - 2015-04-27 14:39 - 00000000 ____D C:\Users\W\AppData\Roaming\Skype
2016-12-28 12:56 - 2015-04-27 14:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-28 12:56 - 2015-04-27 14:39 - 00000000 ____D C:\ProgramData\Skype
2016-12-28 12:56 - 2013-08-22 14:36 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-28 12:55 - 2016-11-17 09:22 - 00000389 _____ C:\Windows\Backup.ini
2016-12-28 12:48 - 2014-10-15 20:51 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-12-28 12:48 - 2014-10-15 20:51 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-28 12:48 - 2014-10-15 20:50 - 00000000 ____D C:\AsusVibeData
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Media Player
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-28 12:48 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Media Player
2016-12-28 12:46 - 2015-12-20 13:23 - 00000000 ___RD C:\Users\W\Documents\Scanned Documents
2016-12-28 12:46 - 2015-10-12 22:30 - 00000000 ____D C:\Users\W\AppData\Local\Viber
2016-12-28 12:46 - 2015-09-07 14:30 - 00000000 ____D C:\Users\W\AppData\Local\Information Factory
2016-12-28 12:46 - 2015-06-18 22:44 - 00000000 ____D C:\Users\W\Downloads\BLACKBERRY-827B
2016-12-28 12:46 - 2015-06-09 04:40 - 00000000 ____D C:\Users\WalburgaA\AppData\Local\CrashDumps
2016-12-28 12:46 - 2015-05-04 15:46 - 00000000 ____D C:\Users\W\AppData\Local\PDFCreator
2016-12-28 12:46 - 2015-04-13 15:24 - 00000000 ____D C:\Users\W\Documents\Jobs
2016-12-28 12:46 - 2015-04-13 15:23 - 00000000 ____D C:\Users\W\Documents\IT & Technik
2016-12-28 12:46 - 2015-04-13 14:51 - 00000000 ____D C:\Users\W\Documents\Global Health
2016-12-28 12:46 - 2015-04-13 11:56 - 00000000 ____D C:\Users\W\Documents\Finanzen alles
2016-12-28 12:46 - 2015-04-13 11:21 - 00000000 ____D C:\Users\W\Documents\WM privat
2016-12-28 12:46 - 2015-04-13 11:20 - 00000000 ____D C:\Users\W\Documents\ViberDownloads
2016-12-28 12:46 - 2015-04-13 10:18 - 00000000 ____D C:\Users\W\Documents\Travel
2016-12-28 12:46 - 2015-04-13 10:15 - 00000000 ____D C:\Users\W\Documents\Shopping
2016-12-28 12:46 - 2015-04-13 10:14 - 00000000 ____D C:\Users\W\Documents\pass & dokumente
2016-12-28 12:46 - 2015-04-13 10:11 - 00000000 ____D C:\Users\W\Documents\Küche & Keller
2016-12-28 12:46 - 2015-04-13 10:11 - 00000000 ____D C:\Users\W\Documents\Korrespondenz
2016-12-28 12:46 - 2015-03-16 21:46 - 00000000 ____D C:\Users\WalburgaA_2\AppData\Local\Temp
2016-12-28 12:46 - 2015-03-16 21:44 - 00000000 ____D C:\Users\WalburgaA\AppData\Local\Temp
2016-12-28 12:46 - 2015-03-13 19:51 - 00000000 ____D C:\Users\W\AppData\Local\CrashDumps
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Videos
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Music
2016-12-28 12:46 - 2015-03-13 18:07 - 00000000 ___RD C:\Users\W\Links
2016-12-28 12:46 - 2014-10-15 20:42 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
2016-12-28 08:12 - 2015-09-07 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BalTax
2016-12-20 03:47 - 2015-05-25 06:52 - 00262144 _____ C:\Users\Public\NTUSER.DAT
2016-12-17 14:54 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-12-16 22:25 - 2015-05-15 17:20 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d08f2b911076e
2016-12-16 22:25 - 2015-03-13 18:15 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 16:25 - 2015-03-13 18:15 - 00002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 16:25 - 2015-03-13 18:15 - 00002197 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-22 20:37 - 2017-01-05 00:27 - 0001001 _____ () C:\Users\W\AppData\Roaming\Rim.Desktop.Exception.log
2015-05-22 20:36 - 2015-05-22 20:36 - 0001111 _____ () C:\Users\W\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-05-22 20:37 - 2017-01-05 00:26 - 0001001 _____ () C:\Users\W\AppData\Roaming\Rim.DesktopHelper.Exception.log
2017-01-11 12:53 - 2017-01-14 01:01 - 0000062 _____ () C:\Users\W\AppData\Roaming\sp_data.sys
2015-08-01 15:11 - 2015-08-01 15:11 - 0005632 _____ () C:\Users\W\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-05 07:36 - 2016-12-05 07:37 - 0000000 _____ () C:\Users\W\AppData\Local\{AA28E808-D671-4703-8CEF-BBE7E3053563}
2016-07-06 14:05 - 2016-07-06 14:05 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-05-15 16:58 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-05-15 16:58 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-05-15 16:58 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Einige Dateien in TEMP:
====================
C:\Users\WalburgaA_2\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-09 05:29

==================== Ende von FRST.txt ============================[CODE]

cosinus · 14.01.2017, 19:11

Du kannst deine Beiträge auch mal editieren. Da stimmen eh die CODE-Tags nicht.

wma927 · 14.01.2017, 20:20

?????? sorry, aber ich verstehe Ihre letzte Antwort /Frage nicht?

a) welche Code-Tags? und was genau stimmt daran nicht? ich bin ja schon froh, dass ich überhaupt ab und zu auf die FRST - Seite komme ;(

die FRST txt & addition.txt sind copy & paste; was hab ich da denn übersehen?

b) und wie kann ich texte redigieren, wenn sie schon verschickt sind?

sorry, aber ich bin nur ein normaler user und kein ITler ;(

WM

cosinus · 14.01.2017, 21:45

Ich hab dir gleich in der ersten Antwort nen dicken Lesestoff zu CODE-Tags gepostet

Dafür muss man kein IT'ler sein

13.01.2017, 19:01	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Trojaner: Win32/Trojan Downloader.Nymaim.BA Trojaner eingefangen; mit der Bitte um Hilfe: - FRST.txt fehlt - Logfile von Avira ohne Funde ist sinnfrei - oder gab es wirklich keine Funde? __________________ Logfiles bitte immer in CODE-Tags posten

13.01.2017, 23:56	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Trojaner: Win32/Trojan Downloader.Nymaim.BA Trojaner eingefangen; mit der Bitte um Hilfe: Du hast schon wieder die addition.txt gepostet, es fehlt aber die FRST.txt __________________ --> Trojaner: Win32/Trojan Downloader.Nymaim.BA Trojaner eingefangen; mit der Bitte um Hilfe:

14.01.2017, 14:21	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Trojaner: Win32/Trojan Downloader.Nymaim.BA Trojaner eingefangen; mit der Bitte um Hilfe: Dann bitte neue FRST-LOgs __________________ Logfiles bitte immer in CODE-Tags posten

14.01.2017, 19:11	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Trojaner: Win32/Trojan Downloader.Nymaim.BA Trojaner eingefangen; mit der Bitte um Hilfe: Du kannst deine Beiträge auch mal editieren. Da stimmen eh die CODE-Tags nicht. __________________ Logfiles bitte immer in CODE-Tags posten

14.01.2017, 21:45	#15
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Trojaner: Win32/Trojan Downloader.Nymaim.BA Trojaner eingefangen; mit der Bitte um Hilfe: Ich hab dir gleich in der ersten Antwort nen dicken Lesestoff zu CODE-Tags gepostet Dafür muss man kein IT'ler sein __________________ Logfiles bitte immer in CODE-Tags posten

Trojaner: Win32/Trojan Downloader.Nymaim.BA Trojaner eingefangen; mit der Bitte um Hilfe:

Log-Analyse und Auswertung: Trojaner: Win32/Trojan Downloader.Nymaim.BA Trojaner eingefangen; mit der Bitte um Hilfe: