Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.08.2015, 08:13   #1
webling
 
C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



Guten Tag zusammen,
seit einigen Tagen öffnet sich beim Hochfahren von Windows 7 ein "Dos-Fenster", bei dem oben im Rahmen Folgendes steht:
"C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe"
(Anstelle Name steht mein Name, anstelle des Bindestrichs eine Tilde)

Im Fenster blinkt ein Cursor-Symbol.

Ich würde gern wissen, worum es sich dabei handelt und für einen Hinweis, wie ich dieses Fenster vom Bildschirm weg und auch insgesamt vom Notebook bekomme bin ich dankbar.

Gruß
W

Alt 01.08.2015, 11:13   #2
schrauber
/// the machine
/// TB-Ausbilder
 

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 22.08.2015, 11:36   #3
webling
 
C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

Frst



Dies ist die Frst-Datei
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 03
durchgeführt von Ebling (Administrator) auf HP625 (22-08-2015 11:22:27)
Gestartet von C:\Users\Ebling\Desktop
Geladene Profile: Ebling (Verfügbare Profile: Ebling & Doris & DHBW)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
(AVM Berlin) C:\Program Files\1&1\IGDCTRL.EXE
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
() C:\Program Files\AntiBrowserSpy\BrowserMask.exe
(WiseCleaner.com) C:\Program Files\Wise\Wise Care 365\WiseTray.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaRegistry.exe
() C:\Windows\System32\ieconfig_1und1_svc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(AVM Berlin) C:\Program Files\1&1\Stcenter.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaUI.exe
(Dr. J. Rathlev, D-24222 Schwentinental) C:\Program Files\Personal Backup 5\Persbackup.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-03-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2011-11-12] (IDT, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM\...\runonceex: [ContentMerger] => c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions)
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] ()
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [Google Update] => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-17] (Google Inc.)
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\RunOnce: [Application Restart #0] => C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\1&1 FRITZ!Box starter.lnk [2011-03-15]
ShortcutTarget: 1&1 FRITZ!Box starter.lnk -> C:\Windows\Installer\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}\Icon2457326B4.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-08-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk [2011-02-15]
ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files\Hama\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011-04-24] ()
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk [2014-12-25]
ShortcutTarget: Persbackup.lnk -> C:\Program Files\Personal Backup 5\Persbackup.exe (Dr. J. Rathlev, D-24222 Schwentinental)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [S-1-5-21-1320190850-2687297852-4289220983-1001] => Internet Explorer proxy ist aktiviert.
ProxyServer: [S-1-5-21-1320190850-2687297852-4289220983-1001] => localhost:8088
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
hxxp://www.bild.de/
SearchScopes: HKLM -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {17DEF703-7B02-4191-B3CE-0C5250344CEB} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\.DEFAULT -> {979F1432-D714-4905-B07F-C9CB5EF2462E} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\.DEFAULT -> {E8A98910-41C8-4FEA-9BBF-439433B95BE5} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\.DEFAULT -> {F45BF24A-B4EC-40A7-942F-501104FC55E9} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {06090F73-779E-4FB6-BB0A-FF6807704AF7} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {10FC8F81-E923-4DFC-A0DF-FFABC14D54A6} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {417ACE4C-D557-454E-9A06-CE17AD599530} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {43D89E1D-8489-468F-B390-7D3F79E8C588} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {FC8A9B8F-BE3A-4BBF-82B2-C4427BE73C4B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-03-12] (IObit)
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\System32\ieconfig_1und1.dll [2011-03-15] (mquadr.at software engineering und consulting GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> Kein Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  Keine Datei
Toolbar: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  Keine Datei
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in  Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{666D63E0-1108-40D3-940A-9120699323D7}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A574D06-DDF0-4179-92C5-EAA454D4C1FE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AE1DF2C2-266A-4B0D-840C-FBB55ACD6C7B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BBD08B48-9530-4B32-A8B9-41E57567D632}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2012-01-02]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012-01-02]

Chrome: 
=======
CHR Profile: C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kein Name) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-05-09]
CHR Extension: (Bitdefender Wallet) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-02-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Kostenfinder) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfbgjcggeplmenpepddbemhcjfdapoh [2013-08-08]
CHR Extension: (AntiBrowserSpy - SocialBlock) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2015-05-15]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files\AntiBrowserSpy\Addons\Chrome.crx [2015-05-15]
StartMenuInternet: Google Chrome.B4WUOD3OCN64G3KXDJYLCPUSZE - C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117280 2014-09-05] ()
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [180768 2014-09-05] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files\Hama\Common\RaRegistry.exe [193888 2010-06-01] (Ralink Technology, Corp.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [Datei ist nicht signiert]
R2 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [1053848 2011-03-15] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2011-11-12] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaudio; C:\windows\System32\DRIVERS\avmaudio.sys [101248 2010-11-14] (AVM Berlin)
R3 avmaura; C:\windows\System32\DRIVERS\avmaura.sys [101248 2010-09-12] (AVM Berlin)
R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\windows\System32\drivers\GDBehave.sys [44544 2015-03-29] (G Data Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [101504 2015-03-29] (G Data Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [56832 2015-03-29] (G Data Software AG)
R1 gdwfpcd; C:\windows\System32\drivers\gdwfpcd32.sys [53248 2015-03-29] (G Data Software AG)
R1 GRD; C:\windows\system32\drivers\GRD.sys [29528 2015-03-29] (G Data Software)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [50176 2015-03-29] (G Data Software AG)
R0 hotcore3; C:\windows\System32\DRIVERS\hotcore3.sys [27464 2014-05-19] (Paragon Software Group)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 LVUSBSta; C:\windows\System32\drivers\lvusbsta.sys [22016 2005-01-31] (Logitech Inc.)
R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin)
S3 PID_0928; C:\windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-31] (Logitech Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [10320 2013-09-30] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-04-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [473656 2012-02-04] (Duplex Secure Ltd.)
R3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-03-30] (TeamViewer GmbH)
R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [91016 2014-05-19] ()
R1 Uim_DEVIM; C:\windows\System32\DRIVERS\uim_devim.sys [20616 2014-05-19] ()
R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [540040 2014-05-19] ()
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
R3 WiseHDInfo; C:\windows\WiseHDInfo32.dll [13264 2015-08-01] (wisecleaner.com)
S3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S2 ASPI32; kein ImagePath
U3 DfSdkS; kein ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 11:22 - 2015-08-22 11:23 - 00024754 _____ C:\Users\Ebling\Desktop\FRST.txt
2015-08-22 11:21 - 2015-08-22 11:22 - 00000000 ____D C:\FRST
2015-08-22 11:20 - 2015-08-22 11:20 - 01677824 _____ (Farbar) C:\Users\Ebling\Desktop\FRST.exe
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung.lnk
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung (2).lnk
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\Documents\Bluetooth-Exchange-Ordner
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\AppData\Local\Broadcom
2015-08-20 13:43 - 2010-07-20 13:26 - 00111656 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwavdt.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00088616 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwaudio.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00018728 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwrchid.sys
2015-08-20 13:43 - 2010-07-14 06:25 - 00297000 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwampfl.sys
2015-08-20 13:43 - 2010-03-02 14:37 - 00033320 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwl2cap.sys
2015-08-19 22:31 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-19 22:31 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-19 14:10 - 2015-08-19 18:18 - 00000000 ____D C:\Program Files\Huawei
2015-08-19 14:10 - 2011-10-24 06:04 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_quusbmdm.sys
2015-08-19 14:10 - 2011-10-24 05:51 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_usbdev.sys
2015-08-16 13:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 11:43 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-08-16 11:42 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-16 11:42 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-16 11:42 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-16 11:42 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-16 11:42 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-16 11:42 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-08-16 11:42 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-08-16 11:42 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-16 11:42 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-08-16 11:42 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-08-16 11:42 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-08-16 11:42 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-08-16 11:42 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-08-16 11:42 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-08-16 11:42 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-08-16 11:42 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-08-16 11:42 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 11:42 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-08-16 11:42 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-08-16 11:42 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-08-16 11:42 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-16 11:42 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-08-16 11:42 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-08-16 11:42 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-16 11:42 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-16 11:42 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-16 11:42 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-08-16 11:42 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-08-16 11:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-08-16 11:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-08-16 11:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-08-16 11:42 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-08-16 11:42 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-16 11:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-16 11:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-08-16 11:29 - 2015-08-16 12:29 - 09284296 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerInstaller.exe
2015-08-03 13:48 - 2015-08-03 13:51 - 00000000 ____D C:\windows\rescache
2015-08-02 09:29 - 2015-08-02 09:29 - 02232320 _____ C:\windows\system32\config\DEFAULT.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00094208 _____ C:\windows\system32\config\SAM.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00028672 _____ C:\windows\system32\config\SECURITY.rhk
2015-08-02 09:25 - 2015-08-02 09:29 - 73924608 _____ C:\windows\system32\config\SOFTWARE.rhk
2015-08-01 16:09 - 2015-08-22 11:09 - 01162952 _____ C:\windows\WindowsUpdate.log
2015-08-01 16:08 - 2015-08-01 16:08 - 00133048 _____ C:\Users\Ebling\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-01 16:07 - 2015-08-22 10:57 - 00007956 _____ C:\windows\setupact.log
2015-08-01 16:07 - 2015-08-01 16:07 - 00000000 _____ C:\windows\setuperr.log
2015-08-01 16:06 - 2015-08-16 18:29 - 00467536 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-01 16:06 - 2015-08-01 16:06 - 00001772 _____ C:\windows\PFRO.log
2015-08-01 10:39 - 2015-08-22 10:57 - 00000378 _____ C:\windows\Tasks\Wise Care 365.job
2015-08-01 10:39 - 2015-08-20 10:00 - 00000406 _____ C:\windows\Tasks\Wise Turbo Checker.job
2015-08-01 10:31 - 2015-08-01 16:07 - 00000546 _____ C:\windows\Tasks\Wise Care 365 PC Checkup Task.job
2015-08-01 10:27 - 2015-08-22 10:58 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00013264 _____ (wisecleaner.com) C:\windows\WiseHDInfo32.dll
2015-08-01 10:27 - 2015-08-01 10:27 - 00001118 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\Program Files\Wise
2015-08-01 10:23 - 2015-08-01 10:23 - 06043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe
2015-07-28 09:04 - 2015-07-28 09:04 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-28 09:04 - 2015-07-28 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-28 08:54 - 2015-07-28 08:54 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-25 17:20 - 2015-07-25 17:20 - 06962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 11:17 - 2012-09-18 23:36 - 00002664 _____ C:\Users\Ebling\Desktop\Google Chrome.lnk
2015-08-22 11:17 - 2012-09-18 23:29 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job
2015-08-22 11:12 - 2010-09-25 11:38 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-22 11:07 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-22 11:07 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-22 10:58 - 2011-02-15 18:17 - 00000432 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-08-22 10:57 - 2010-09-25 11:38 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-22 10:57 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-20 21:30 - 2014-11-11 20:35 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-20 13:50 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-20 13:49 - 2012-01-03 01:14 - 00000000 ____D C:\Program Files\AntiBrowserSpy
2015-08-20 13:35 - 2010-09-11 15:51 - 00000000 ____D C:\Users\Ebling
2015-08-20 13:35 - 2010-07-01 15:50 - 00000000 ____D C:\Program Files\Broadcom
2015-08-20 11:48 - 2010-09-18 11:50 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForEbling.job
2015-08-19 20:12 - 2012-09-18 23:29 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job
2015-08-19 18:52 - 2010-06-11 20:30 - 01629212 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-19 14:10 - 2014-02-02 15:03 - 00000764 _____ C:\NSI_DriverInstall.log
2015-08-19 14:09 - 2012-06-09 22:00 - 00000000 ____D C:\Program Files\Handset WinDriver
2015-08-17 10:32 - 2014-11-07 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-08-17 10:18 - 2014-11-07 00:01 - 00000000 ____D C:\Program Files\TomTom HOME 2
2015-08-17 10:15 - 2011-08-13 16:07 - 00000000 ____D C:\Users\Ebling\AppData\Local\Downloaded Installations
2015-08-16 22:29 - 2012-08-23 19:54 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-16 19:45 - 2014-09-29 22:19 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\HpUpdate
2015-08-16 19:29 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET
2015-08-16 18:26 - 2014-12-10 04:15 - 00000000 ____D C:\windows\system32\appraiser
2015-08-16 18:26 - 2014-05-06 21:54 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-16 18:26 - 2010-06-11 20:42 - 00000000 ____D C:\windows\system32\Drivers\de-DE
2015-08-16 18:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE
2015-08-16 13:53 - 2010-09-11 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 13:52 - 2015-04-19 18:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 13:52 - 2011-05-04 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 13:47 - 2013-08-15 17:30 - 00000000 ____D C:\windows\system32\MRT
2015-08-16 13:30 - 2010-09-16 19:47 - 129304528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-08-16 12:29 - 2012-05-25 10:47 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-08-16 12:29 - 2011-06-04 12:20 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-16 11:24 - 2010-06-11 20:47 - 00000000 ____D C:\ProgramData\PDFC
2015-08-01 10:46 - 2010-09-11 18:02 - 00000000 __RHD C:\MSOCache
2015-08-01 10:32 - 2015-03-12 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-08-01 10:32 - 2014-03-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2015-08-01 10:32 - 2012-05-27 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-08-01 10:32 - 2012-03-07 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager
2015-08-01 09:36 - 2013-05-09 22:58 - 00000000 ____D C:\Users\Ebling\AppData\Local\CrashDumps
2015-07-31 18:12 - 2015-03-29 18:16 - 00000400 _____ C:\windows\Tasks\One-Click Optimizer WO11.job
2015-07-30 20:36 - 2015-05-09 08:58 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Update Manager
2015-07-29 21:26 - 2014-09-29 22:18 - 00000000 ____D C:\ProgramData\HP
2015-07-29 20:06 - 2010-09-11 15:55 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Hewlett-Packard
2015-07-28 09:04 - 2011-12-01 22:27 - 00000000 ____D C:\Program Files\iTunes
2015-07-28 09:03 - 2012-06-16 13:21 - 00000000 ____D C:\Program Files\iPod
2015-07-28 09:02 - 2015-04-17 16:42 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\Program Files\QuickTime
2015-07-27 11:02 - 2015-04-23 18:47 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\iFunbox_UserCache
2015-07-26 21:03 - 2015-01-21 23:40 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieBrowserModeList
2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieUserList
2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieSiteList
2015-07-25 18:07 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-25 09:08 - 2015-03-28 20:40 - 00000000 ___SD C:\windows\system32\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-09 09:02 - 2015-05-09 09:02 - 2204160 _____ () C:\Program Files\adwcleaner_4.203.exe
2015-05-03 22:35 - 2015-05-03 22:35 - 0891224 _____ (AMD) C:\Program Files\amddriverdownloader.exe
2014-02-27 18:57 - 2013-05-19 17:18 - 13431464 _____ () C:\Program Files\anytrans-setup.exe
2015-03-29 18:02 - 2015-03-29 18:02 - 28444000 _____ (Ashampoo GmbH & Co. KG                                      ) C:\Program Files\ashampoo_winoptimizer_2015_18590.exe
2011-04-24 07:47 - 2011-04-24 07:47 - 0620972 _____ () C:\Program Files\Autoruns.zip
2012-07-17 22:53 - 2012-07-17 22:51 - 0883840 _____ () C:\Program Files\Avira-DE-Cleaner.exe
2015-03-06 15:20 - 2015-03-06 15:20 - 2314104 _____ () C:\Program Files\avira_pc_cleaner_de.exe
2013-10-08 13:20 - 2015-07-05 11:04 - 0027155 _____ () C:\Program Files\Changes.txt
2014-06-09 18:25 - 2014-06-09 18:24 - 0277107 _____ () C:\Program Files\clonepartition.rar
2013-05-29 15:04 - 2013-09-09 18:55 - 8334304 _____ (WindSolutions) C:\Program Files\CopyTransManager.exe
2010-08-29 15:08 - 2015-07-05 11:04 - 0000067 _____ () C:\Program Files\Core Temp Gadget & Addons.url
2013-10-08 13:22 - 2015-07-05 11:04 - 0794272 _____ () C:\Program Files\Core Temp.exe
2015-07-05 10:58 - 2015-07-05 10:58 - 0734473 _____ () C:\Program Files\CoreTemp_106.zip
2011-07-22 08:15 - 2011-07-22 08:15 - 0000000 _____ () C:\Program Files\ctapi_out_gr.txt
2011-02-22 13:48 - 2011-02-22 13:48 - 0175007 _____ () C:\Program Files\DirPrintOK292_Installer.zip
2012-05-02 15:44 - 2012-05-02 15:57 - 50449456 _____ (Microsoft Corporation) C:\Program Files\dotNetFx40_Full_x86_x64.exe
2014-02-27 18:57 - 2013-01-21 02:36 - 68765992 _____ (Landesfinanzdirektion Thüringen) C:\Program Files\ElsterFormular-14.0.0.10960p.exe
2012-07-17 22:06 - 2012-06-05 20:14 - 7207866 _____ (FreeDownloadManager.ORG                                     ) C:\Program Files\fdminst.exe
2011-11-13 16:42 - 2011-11-13 16:45 - 14598944 _____ (Mozilla) C:\Program Files\Firefox Setup 8.0.exe
2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\FirstBackup.spg
2013-10-26 10:31 - 2013-10-26 10:21 - 31162768 _____ () C:\Program Files\FreeAudioConverter-5.0.30.1022.exe
2015-05-03 18:51 - 2015-05-03 18:51 - 30650288 _____ () C:\Program Files\FreeVideoToMP3Converter.exe
2014-01-05 13:49 - 2014-01-05 13:48 - 32244744 _____ () C:\Program Files\FreeYouTubeDownload-3.2.20.1230.exe
2014-02-27 18:57 - 2013-01-11 23:56 - 18291784 _____ (AVM Berlin                                                  ) C:\Program Files\FRITZ!fax_3.07.04 (1).exe
2013-01-06 21:34 - 2013-01-06 21:32 - 18291784 ____N (AVM Berlin                                                  ) C:\Program Files\FRITZ!fax_3.07.04.exe
2011-11-20 18:38 - 2011-09-08 07:23 - 0148923 _____ () C:\Program Files\FRITZ.Box Fon WLAN 7170 (UI) 29.04.80_08.09.11_0723.export
2012-08-27 20:20 - 2012-08-27 20:27 - 28952353 _____ () C:\Program Files\HiSuiteSetup V1.6.10.08.zip
2015-07-21 18:05 - 2015-07-21 18:05 - 5493352 _____ (Marx Software                                               ) C:\Program Files\IDM05Setup.exe
2015-04-23 18:41 - 2015-04-23 18:41 - 21348024 _____ (                                                            ) C:\Program Files\ifunbox_setup.exe
2014-02-27 18:57 - 2013-09-09 18:46 - 4279392 _____ (WindSolutions) C:\Program Files\Install_CopyTrans_Suite.exe
2011-08-12 16:25 - 2011-08-12 16:25 - 2118933 _____ (Marx Softwareentwicklung                                    ) C:\Program Files\IPESetup09261.exe
2012-10-12 22:31 - 2012-10-12 22:31 - 0077236 _____ (AppWork UG (haftungsbeschränkt)) C:\Program Files\jDownloaderWebInstaller09581.exe
2014-02-27 18:57 - 2014-02-15 14:36 - 30796712 _____ (Oracle Corporation) C:\Program Files\jre-7u51-windows-x64.exe
2014-02-27 18:57 - 2013-05-08 20:44 - 4894912 _____ (Kaspersky Lab ZAO) C:\Program Files\kavremover.exe
2012-01-05 18:39 - 2013-09-09 18:55 - 0012943 _____ () C:\Program Files\License Agreement.rtf
2010-06-30 18:32 - 2015-07-05 11:04 - 0006594 _____ () C:\Program Files\License.txt
2011-04-09 07:18 - 2011-04-09 07:18 - 11239256 _____ (deepinvent Software GmbH                                    ) C:\Program Files\MailStoreHomeSetup-4.2.0.5431.exe
2014-04-18 08:42 - 2014-04-18 08:43 - 28875706 _____ () C:\Program Files\MediathekView_6.zip
2010-09-24 18:34 - 2010-09-24 18:34 - 0002120 _____ () C:\Program Files\mobile
2012-09-02 14:02 - 2012-09-02 14:02 - 0290154 _____ () C:\Program Files\mp3DirectCut2.16.exe
2011-03-06 14:48 - 2011-03-06 14:48 - 0417048 _____ (Yahoo! Inc.) C:\Program Files\msgr10de.exe
2014-09-01 14:24 - 2014-09-01 14:24 - 10530167 _____ (J. Rathlev                                                  ) C:\Program Files\pb-setup-5.5.1000.exe
2014-04-16 09:26 - 2014-04-16 09:26 - 16587248 _____ (Tracker Software Products Ltd                               ) C:\Program Files\PDFX142Vwer.exe
2012-12-02 00:54 - 2012-12-02 00:59 - 15271824 _____ (Google Inc.) C:\Program Files\picasa39-setup.exe
2014-02-27 18:57 - 2013-05-20 14:16 - 15102976 _____ (MiniTool Solution Ltd.                                      ) C:\Program Files\pwhe78.exe
2010-09-06 03:55 - 2015-07-05 11:04 - 0003630 _____ () C:\Program Files\Readme.txt
2014-06-28 16:18 - 2014-06-28 16:18 - 2617176 _____ (VS Revo Group Ltd.) C:\Program Files\revosetup193.exe
2013-04-19 23:21 - 2013-04-19 23:23 - 6018162 _____ () C:\Program Files\Root_Y200_v5.zip
2013-02-17 17:48 - 2013-02-17 17:48 - 5193621 _____ () C:\Program Files\Samsung-PC-Editor.rar
2013-02-17 17:55 - 2013-02-17 17:55 - 6845297 _____ () C:\Program Files\Samsung_ChannelListPCEditor_1.09.zip
2014-02-27 18:57 - 2014-02-15 21:24 - 3930129 _____ () C:\Program Files\Setup_Migraene-Tagebuch.exe
2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\sg_backup_2010-09-23-2050.spg
2015-07-25 17:20 - 2015-07-25 17:20 - 6962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe
2011-02-16 16:26 - 2011-02-16 16:26 - 21683544 _____ (Hewlett-Packard Company                                     ) C:\Program Files\sp49541.exe
2013-04-20 12:43 - 2013-04-20 12:43 - 0627688 _____ () C:\Program Files\Superuser-3.0.7-efghi-signed.zip
2014-06-09 18:51 - 2014-06-09 18:51 - 0583496 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\tb_free_installer.exe
2010-09-23 20:46 - 2010-09-23 20:46 - 0655360 _____ (Speed Guide Inc.) C:\Program Files\TCPOptimizer.exe
2012-11-17 12:48 - 2012-11-17 12:49 - 3167176 _____ (TeamViewer) C:\Program Files\TeamViewerQS_de.exe
2009-10-20 00:43 - 2009-10-20 00:43 - 0047104 _____ () C:\Program Files\Thumbs.db
2014-11-06 23:57 - 2014-11-06 23:57 - 31119112 _____ () C:\Program Files\TomTomHOME2winlatest.exe
2015-08-01 10:23 - 2015-08-01 10:23 - 6043448 _____ (WiseCleaner.com                                             ) C:\Program Files\WiseCare365_373DE.exe
2014-05-18 20:19 - 2014-05-18 20:19 - 0699943 _____ () C:\Program Files\wmv2-1.9.8.exe
2015-03-29 19:10 - 2015-03-29 19:10 - 0000000 _____ () C:\Users\Ebling\AppData\Roaming\gdfw.log
2015-03-29 19:10 - 2015-03-29 19:10 - 0000779 _____ () C:\Users\Ebling\AppData\Roaming\gdscan.log
2011-02-16 15:58 - 2011-05-21 20:59 - 0001849 _____ () C:\Users\Ebling\AppData\Roaming\GhostObjGAFix.xml
2011-07-02 21:02 - 2011-07-02 21:03 - 0038452 _____ () C:\Users\Ebling\AppData\Roaming\Microsoft Excel 97-2003.ADR
2011-08-13 19:00 - 2012-01-23 20:20 - 0001570 _____ () C:\Users\Ebling\AppData\Roaming\MyMicroBalanceConfig.ini
2012-09-02 14:21 - 2014-07-31 17:27 - 0004608 _____ () C:\Users\Ebling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-06 14:44 - 2011-03-06 14:44 - 0000209 _____ () C:\Users\Ebling\AppData\Local\GLFEDA7.tmp
2014-03-15 10:27 - 2014-03-15 10:27 - 0004096 ____H () C:\Users\Ebling\AppData\Local\keyfile3.drm
2012-03-10 11:45 - 2012-03-10 11:45 - 0000017 _____ () C:\Users\Ebling\AppData\Local\resmon.resmoncfg
2012-11-25 03:31 - 2012-11-25 03:31 - 0017408 _____ () C:\Users\Ebling\AppData\Local\WebpageIcons.db
2014-02-15 10:42 - 2014-02-15 10:42 - 1364399 _____ () C:\ProgramData\1392451495.bdinstall.bin
2014-03-20 14:55 - 2014-03-20 14:55 - 0253886 _____ () C:\ProgramData\1395319610.bdinstall.bin
2014-03-20 15:54 - 2014-03-20 15:54 - 1108989 _____ () C:\ProgramData\1395320619.bdinstall.bin
2014-03-20 15:59 - 2014-03-20 15:59 - 0056385 _____ () C:\ProgramData\1395323941.bdinstall.bin
2014-03-20 16:31 - 2014-03-20 16:31 - 3180570 _____ () C:\ProgramData\1395324509.bdinstall.bin
2014-09-29 22:18 - 2014-09-29 22:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-12-24 01:00 - 2011-12-24 01:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-02-16 13:56 - 2014-06-25 20:24 - 10981376 _____ () C:\ProgramData\sandra.mda
2014-12-26 18:30 - 2014-12-26 18:30 - 0001534 _____ () C:\ProgramData\ss.ini
2011-02-16 14:03 - 2014-06-25 20:03 - 0000000 _____ () C:\ProgramData\xml3D4F.tmp
2011-02-16 14:03 - 2014-12-06 11:49 - 0015350 _____ () C:\ProgramData\xml4155.tmp
2011-02-16 14:03 - 2011-02-16 14:03 - 0001629 _____ () C:\ProgramData\xml428E.tmp
2014-12-06 11:49 - 2014-12-06 11:49 - 0006028 _____ () C:\ProgramData\xml4E12.tmp

Einige Dateien in TEMP:
====================
C:\Users\Doris\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ebling\AppData\Local\Temp\btins.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-03 10:45

==================== Ende vom raportu ============================
         
--- --- ---
__________________

Alt 22.08.2015, 11:56   #4
webling
 
C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



und dies die Addition-Datei:

Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-08-2015 03
durchgeführt von Ebling (2015-08-22 11:26:05)
Gestartet von C:\Users\Ebling\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1320190850-2687297852-4289220983-500 - Administrator - Disabled)
DHBW (S-1-5-21-1320190850-2687297852-4289220983-1007 - Limited - Enabled) => C:\Users\DHBW
Doris (S-1-5-21-1320190850-2687297852-4289220983-1002 - Limited - Enabled) => C:\Users\Doris
Ebling (S-1-5-21-1320190850-2687297852-4289220983-1001 - Administrator - Enabled) => C:\Users\Ebling
Gast (S-1-5-21-1320190850-2687297852-4289220983-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1320190850-2687297852-4289220983-1011 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1und1 Internet Explorer Add-On (Version: 1.0 - 1&1 Internet AG) Hidden
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Anti-Twin (Installation 12/29/2011) (HKLM\...\Anti-Twin 2011-12-29 18.43.19) (Version: - Joerg Rosenthal, Germany)
AnyTrans 3.4.1 (HKLM\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 3.4.1 - iMobie Inc.)
Apple Application Support (32-Bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{992F7E6B-58D4-428A-B574-082C0884423E}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version: - AVM Berlin)
AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
ccc-core-static (Version: 2011.0316.116.298 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloneSpy 2.62 (HKLM\...\CloneSpy) (Version: - CloneSpy)
COMPUTERBILD-Abzockschutz (HKLM\...\{6F03FF16-24BF-4887-9EBA-280CF7657A54}) (Version: 1.0.42 - J3S)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Der grandiose Bildverkleinerer 1.7b (HKLM\...\Der grandiose Bildverkleinerer) (Version: 1.7b - )
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DirPrintOK (HKLM\...\DirPrintOK) (Version: - )
EaseUS Partition Master 10.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen)
Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Everything 1.2.1.371 (HKLM\...\Everything) (Version: - )
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - Free PDF to Word Doc Converter - easy and powerful pdf converter software.)
Free Video Flip and Rotate version 2.1.7.422 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.7.422 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.58.415 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
FreeRIP MP3 Converter 4.5.3 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
G Data InternetSecurity CBE (HKLM\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM\...\{15F02176-0D12-4FAF-B2CD-2767C7781427}) (Version: 3.0.4993 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google+ Auto Backup) (Version: 1.0.24.118 - Google, Inc.)
GoogleClean (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
Hama Wireless LAN Adapter (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama)
Hama Wireless LAN Adapter (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama)
Handset WinDriver 1.02.03.00 (HKLM\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.)
HiSuite (HKLM\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd)
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{C2686567-5A9A-4B6D-B965-7A5E26F73A25}) (Version: 1.1.3.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Setup (HKLM\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{DA200FDD-DE3D-4958-8465-C4FBC869544B}) (Version: 3.5.20.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.25.0 - Roxio)
HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50014.0 - Sonix)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackupBot 5.2.5 (HKLM\...\iBackupBot) (Version: 5.2.5 - VOWSoft, Ltd.)
iDevice Manager (HKLM\...\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1) (Version: 5.0.0.0 - Marx Software)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
iFunbox (v2.95.2610.819), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.95.2610.819 - )
iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Licensing Service Install (HKLM\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.1 (HKLM\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version: - MiniTool Solution Ltd.)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
miTracker 1.1.4 (HKLM\...\miTracker) (Version: 1.1.4 - Vitarsoft Co. Limited.)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMicroBalance (HKLM\...\{1AE1CCB0-DF19-44DF-B8C8-8E259F63B028}) (Version: 2.5.3 - Trusted Bytes Softwareentwicklung e.U.)
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - )
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Festplatten Manager™ 2011 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc)
PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PhoneClean 2.1.6 (HKLM\...\{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1) (Version: 2.1.6 - iMobie Inc.)
PhotoFiltre (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre Studio X) (Version: - )
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
POP and IMAP Troubleshooter (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PopImapTroubleshooter) (Version: 0.1 - Google)
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.39 - Piriform)
Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version: - )
SiSoftware Sandra Lite 2011.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.36.2011.2 - SiSoftware)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SmartTools Office DDE-Fix (HKLM\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Snapfish Fotobuch (HKLM\...\Snapfish Fotobuch) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{F158CFB3-2C04-4138-9556-B9C3D5A89CF4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System.Data.SQLite v1.0.81.0 (HKLM\...\{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1) (Version: 1.0.81.0 - System.Data.SQLite Team)
TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH)
TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trainingssoftware (HKLM\...\{7C33F907-7A81-48B8-BD2D-D851C5FA9EFC}) (Version: 1.0.0 - IKE Software Solutions)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.7 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Wise Care 365 3.73 (HKLM\...\Wise Care 365_is1) (Version: 3.73 - WiseCleaner.com, Inc.)
WMV9/VC-1 Video Playback (Version: 1.0.60316.0158 - ATI Technologies Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0006F045-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AFACED1-E828-11D1-9187-B532F1E9575D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{71C3BF7F-682F-4B5E-9E47-5C25D3AC9458}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{8F170678-2A97-4D59-89A1-7A0A71C1B677}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> kein Dateipfad

==================== Wiederherstellungspunkte =========================

16-08-2015 13:24:16 Windows Update
17-08-2015 10:16:36 Installed TomTom HOME.
17-08-2015 10:30:13 Removed TomTom HOME.
19-08-2015 22:30:53 Windows Update
20-08-2015 13:36:19 Installed Bluetooth Software

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2013-11-09 04:23 - 00000893 ____N C:\windows\system32\Drivers\etc\hosts
127.0.0.1 Google Analytics - Mobile, Premium and Free Website Analytics ? Google
127.0.0.1 google-analytics.com


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01979C6F-F3CD-4ADF-850A-D355D7DBF1E2} - System32\Tasks\{D7B22B5B-FEF4-45DD-BBD7-DDD4B3D3BD98} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {07BC50FA-DF6F-41CB-9167-7FC771DE5D0E} - System32\Tasks\{BF456A74-A282-4513-BE6C-DCEC0EDB9173} => pcalua.exe -a "C:\Program Files\SmartTools\SmartTools Office DDE-Fix.exe" -d "C:\Program Files\SmartTools"
Task: {0CD0B4DA-4EF0-4CEA-B9E6-E216CF647833} - System32\Tasks\{734BA5A5-D0D3-413C-A06E-1334EA7C253A} => pcalua.exe -a "H:\WISO\Steuersoftware 2015\WISOSteuersoftware2015 (1).exe" -d "H:\WISO\Steuersoftware 2015"
Task: {0D0F5B0A-9C80-49E0-ACF1-ED2D99D3963B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {133132F4-A462-4221-9918-D1E109459994} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-13] ()
Task: {1490F15A-500B-48F8-A1B6-CD708B60A869} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {231BF404-97D8-4B25-823E-2EEA520D3319} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {24F1B7B9-C2DA-4872-82DF-78F6957EA702} - System32\Tasks\{EAAA07BA-9CB7-4E2A-B8AB-9B51384CBF79} => pcalua.exe -a C:\windows\IsUn0407.exe -c -f"C:\Program Files\FRITZ!\Uninst.isu" -c"C:\Program Files\FRITZ!\UNINST.DLL"
Task: {295090DA-E78F-4DBC-9965-0937ACB7F00F} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files\AntiBrowserSpy\BrowserMask.exe [2014-01-13] ()
Task: {2A74942C-6BCB-4059-8646-F38427E9E926} - System32\Tasks\Google Updater and Installer => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {314EFBE2-4FB4-4363-BC33-95BD2D0C199D} - System32\Tasks\HPCeeScheduleForEbling => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {33EAEE3C-E0B9-46D9-A740-23FBC29BEA0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {34D6170E-7F66-43DE-92AA-51121A2FB431} - System32\Tasks\One-Click Optimizer WO11 => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe [2015-01-05] (Ashampoo Development GmbH & Co. KG)
Task: {47C8A5FF-A6CA-49DB-A739-DD959BC47F21} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {5BF671C8-011A-460A-99B5-366A17D75C6E} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe [2015-05-12] (WiseCleaner.COM)
Task: {640420A2-1CD1-4541-91A8-2D13AEEF61A5} - System32\Tasks\{782CEE39-1246-4CF0-BF80-77CA87BA991F} => pcalua.exe -a H:\InstallTomTomHOME.exe -d H:\
Task: {6DD37970-9D6C-420D-A55B-205B563BB395} - System32\Tasks\{DAD58C6D-7B0D-449A-873D-CA8C01E5FDC1} => C:\Program Files\iMobie\AnyTrans\anytrans-setup.exe [2013-05-19] ()
Task: {70BFAB2A-6C59-4B2E-8435-4E319F28F7AE} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe [2015-07-01] (WiseCleaner.com)
Task: {71F4526D-6F16-446D-9F58-81D891E12DCD} - System32\Tasks\{890ED934-859F-4552-B0DC-F478B34CFB2F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.0.0.152/de/go/help.faq.installer?LastError=1603
Task: {80F50AED-FAF1-4F20-94DD-E15F2C60E6E8} - System32\Tasks\{0B46AF53-A2FB-4098-BCB8-5E86A4457EB7} => pcalua.exe -a "C:\Program Files\SmartTools\Office DDE-Fix\uninstall.exe" -d "C:\Program Files\SmartTools\Office DDE-Fix"
Task: {80F9E998-4AB6-4377-9B91-521DD6141DE2} - System32\Tasks\{48C16FF1-F5E1-40A1-9BD6-EE8DA774B726} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {811A6051-40F0-4085-BB3B-6F577CCA5B7C} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {81A420AF-3DA2-462B-B3D8-796DF4E2C60A} - System32\Tasks\{E508F5B1-0FFE-4648-861C-C3B3A77109F3} => pcalua.exe -a "C:\Program Files\FRITZ!Box\FRITZ!fax_3.07.04.exe" -d "C:\Program Files\FRITZ!Box"
Task: {88D05C53-BF29-41FC-8A4F-B8209C8AB5A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8B11E630-046A-43CF-B73A-930B0CE305C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {8D02AB57-24BF-4370-9117-62250A647186} - System32\Tasks\{CDE98B08-CC91-4969-BD47-3D0DBF714EEF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {8E7BDED3-155B-4581-B97D-92DA9F8FE5C5} - System32\Tasks\ASC8_SkipUac_Ebling => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: {8F503074-A26D-4DEC-9EDC-E9416CBF32B6} - System32\Tasks\{48F2F052-31D6-4307-8BA0-EA9DB63FAFAF} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {904E8419-36B7-4F8D-B3DF-B43242CE78CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {908D6E9A-4122-418D-AF2A-07C2F1DB3436} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
Task: {921512E0-3959-4FA8-BAA4-AE58DEA62E50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {95224B42-2574-4EA7-8C4C-BBA507E88A85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {95946CEF-BBB5-44EA-B9F7-2B00B060CD98} - System32\Tasks\{40FAF4F9-93F5-4266-B1FF-0D111039189A} => pcalua.exe -a "C:\Program Files\iview430g_setup.exe" -d C:\Users\Ebling\Desktop
Task: {9A36F8F5-7717-472E-BCA6-85FC241B45CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {9B9B14A7-54D1-453C-AFEE-E91D118F3B31} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe
Task: {9CC38FA3-C263-44D3-9DEC-2D75EFD699BC} - System32\Tasks\{1D954EBB-64CB-4FBA-BF3A-20D806CCF871} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {B744F1FB-F29F-464E-AB93-9D81D3D2D28A} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-13] ()
Task: {B8AF33E7-CFDB-4410-A365-6593DC01A192} - System32\Tasks\Uninstaller_SkipUac_Ebling => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {C6136B4B-1487-4868-9914-75136056ABD1} - System32\Tasks\{DD71730C-F8FF-4900-86CE-BE6EEDFD9428} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -d C:\windows\system32 -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {CB1078AD-B5F2-4DC1-8562-52E51BB18B43} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {CCCDDC80-D966-4940-8B67-4187F134A4A9} - System32\Tasks\HPCeeScheduleForHP625$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {CF723268-1BCF-454E-938C-2279828B9184} - System32\Tasks\{6EEE5437-4E2D-40EB-911F-A6C858C971FB} => pcalua.exe -a "C:\Program Files\Google\Picasa3\Uninstall.exe"
Task: {D8854C4B-75DA-4B07-BDE5-1424B67FF13C} - System32\Tasks\{E2634312-8A42-4EBF-A6EC-E194A5615141} => pcalua.exe -a "C:\Program Files\FRITZ!fax_3.07.04.exe" -d "C:\Program Files"
Task: {DA27E8F3-6587-46EF-AEFF-A1904A36D21A} - System32\Tasks\Wise Care 365 => C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2015-06-04] (WiseCleaner.com)
Task: {DB0E0E0B-036C-440E-8614-02291AC4A684} - System32\Tasks\{16FE68E3-8085-4DE4-BBB7-DB8ED9F20C62} => pcalua.exe -a "C:\Users\Ebling\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLQGS4AV\sp48591[1].exe" -d C:\Users\Ebling\Desktop
Task: {DF21E094-5EE5-4916-8AA8-5079BA6F1785} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {EAD8E160-4EB7-44C6-8388-7595B0CBBB11} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe
Task: {F037DEC8-361B-43FB-B03E-A9D31575BA3F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {F402D984-6BEC-4B64-AA36-D3C005440D04} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FBCE29B2-17E0-4A73-958C-838E5BBD1E89} - System32\Tasks\{49950F46-4A32-40C2-B8EB-8A7B7344E019} => pcalua.exe -a "D:\1-Wilfried\Nebentätigkeiten\0-Lehrauftrag-Baureferendare\Rheinland-Pfalz\Foliensatz für Baureferendare 2011\iview430g_setup.exe" -d C:\Users\Ebling\Desktop

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForEbling.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForHP625$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe
Task: C:\windows\Tasks\One-Click Optimizer WO11.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe
Task: C:\windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe
Task: C:\windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: C:\windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-04 20:00 - 2001-10-28 17:42 - 00116224 _____ () C:\windows\System32\pdfcmnnt.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-18 14:52 - 2014-09-05 09:40 - 00117280 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
2015-07-18 14:52 - 2014-09-05 09:40 - 00180768 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
2015-05-15 19:04 - 2014-01-13 10:08 - 01136640 _____ () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00778240 _____ () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00823424 _____ () C:\Program Files\AntiBrowserSpy\BrowserMask.exe
2011-03-15 13:03 - 2011-03-15 13:03 - 01053848 ____N () C:\Windows\System32\ieconfig_1und1_svc.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00287864 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll
2011-02-15 17:38 - 2010-06-14 15:38 - 00984416 _____ () C:\Program Files\Hama\Common\RaWLAPI.dll
2011-03-14 14:20 - 2011-03-14 14:20 - 00098304 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-16 01:14 - 2011-03-16 01:14 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2015-08-16 12:22 - 2015-08-08 02:13 - 01405768 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-16 12:22 - 2015-08-08 02:13 - 00081224 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-16 12:22 - 2015-08-08 02:13 - 16393032 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ibackupbot_setup.exe:BDU
AlternateDataStreams: C:\wm2014xxl.exe:BDU
AlternateDataStreams: C:\Program Files\ashampoo_winoptimizer_2015_18590.exe:BDU
AlternateDataStreams: C:\Program Files\avira_pc_cleaner_de.exe:BDU
AlternateDataStreams: C:\Program Files\PDFX142Vwer.exe:BDU
AlternateDataStreams: C:\Program Files\revosetup193.exe:BDU
AlternateDataStreams: C:\Program Files\Setup_Migraene-Tagebuch.exe:BDU
AlternateDataStreams: C:\Program Files\tb_free_installer.exe:BDU
AlternateDataStreams: C:\Program Files\TomTomHOME2winlatest.exe:BDU
AlternateDataStreams: C:\Program Files\wmv2-1.9.8.exe:BDU
AlternateDataStreams: C:\windows\system32\atibtmon.exe:AGC
AlternateDataStreams: C:\Users\Ebling\OJ6500_E710n-z_1315-1.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Classes\.exe: => <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk => C:\windows\pss\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\windows\pss\Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk => C:\windows\pss\TraXEx PC-Putzer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ebling^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\windows\pss\Persbackup.lnk.Startup
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: estar => C:\System.Sav\Util\HideDOS.EXE C:\System.Sav\util\estartwk\twk7.bat
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: iFunBox Fast App Install Handler => C:\Program Files\i-Funbox DevTeam\iFunBox.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => ~"C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: miTracker => C:\Program Files\miTracker\miTracker.exe
MSCONFIG\startupreg: Mobile Partner => C:\Program Files\HiSuite\HiSuite.exe -s
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: UM => C:\Users\Ebling\AppData\Roaming\Update Manager\UM.EXE

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{1FB21EF4-B2D9-46D3-9143-81A824193170}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{DA70798B-6C74-4314-9E85-0AD7EA3FFA4D}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{D398DBA3-5B1A-4115-A443-1555995590FA}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C6E9E309-E04A-4465-AB54-A8C3BBD0D257}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{34A2C04A-52FD-4633-B7BB-E7E8B7B8E06E}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe
FirewallRules: [{35F1465C-4094-4338-B217-7DE418ECC2AA}] => (Allow) G:\fsetup.exe
FirewallRules: [{0771C26A-3465-4A63-A3FB-5DEB25174563}] => (Allow) G:\fsetup.exe
FirewallRules: [{9C8EEAC4-C79E-4645-A345-338396030737}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{D194DF3A-FFF0-4543-8EE4-2AF55A8E73F5}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{9AA67938-324E-4F9A-A3FD-09CE569F0070}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{7BA68422-AA22-4466-857F-D9E00534E399}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{70A20D15-4578-458B-B6F1-133FB02F5710}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5E420C5-9698-499C-B6CF-25C51A6B905A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{023C21EE-16A0-4373-9E02-AE44FC9F9843}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F2DE679E-9EA9-4C6F-B596-E6E80E9394BA}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{796FA458-B5B4-4C0D-913E-C5CDA12E37BC}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{912DA99B-4816-4BFF-9B2E-C88D8EFB0407}] => (Allow) C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C23F3B2D-F668-4510-ABC5-3AD89244CC22}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{98BA9B42-D287-4D0B-9C3A-D7200D181C49}] => (Allow) LPort=2869
FirewallRules: [{BAA9DC4F-E2C2-45A1-83FE-9E71AF8AD65D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{85D82E3B-5F42-4FE2-8993-64F99282E680}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [UDP Query User{C35FA939-86A0-4E6B-9AAF-B4DCD5E7102C}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [{3A9FC52B-A777-4ABC-ABAF-DF0880AD4A4E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{257885B6-6087-4E56-861F-72F48D255233}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{7D264A39-5051-4918-A99E-F3EBE90AD86F}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{F428979F-E951-4291-A592-369F7760DF42}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{4DA75E71-DD81-4198-B34A-64F14B9DA25E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{9033FD3A-8909-4C19-8130-4AF6CB8A2296}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E45CB4B1-E05C-4C78-9A1A-4B5AA6D03B9C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\RpcSandraSrv.exe
FirewallRules: [{27FF653E-2A0D-4C5D-8401-30DB0FB5BB27}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{B7891E7C-022C-47E0-AA42-FACA7E4B6B2E}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{4FFA83CB-C837-4B93-87FC-FE0FDAE91AC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DBBF42D8-C004-414B-B6D5-6819FC95219F}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe
FirewallRules: [UDP Query User{180E934D-78A8-4E31-BA12-CAE8FEF7D41D}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/16/2015 09:34:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224
Name des fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14079.176, Zeitstempel: 0x532a4adc
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0008cf92
ID des fehlerhaften Prozesses: 0x140
Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0
Pfad der fehlerhaften Anwendung: AVKProxy.exe1
Pfad des fehlerhaften Moduls: AVKProxy.exe2
Berichtskennung: AVKProxy.exe3

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 01:27:12 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext: Anwendung, SystemIndex Katalog

Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/03/2015 09:18:10 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1

Error: (08/03/2015 09:18:08 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1

Error: (08/03/2015 09:18:05 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1

Error: (08/03/2015 09:18:03 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1


Systemfehler:
=============
Error: (08/22/2015 10:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/21/2015 10:01:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/20/2015 09:29:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/20/2015 03:22:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (08/20/2015 02:39:09 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/20/2015 02:27:02 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (08/20/2015 02:24:58 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (08/20/2015 02:24:58 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (08/20/2015 02:20:20 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (08:df:1f:24:d4:88) ist fehlgeschlagen.

Error: (08/20/2015 02:20:10 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (08:df:1f:24:d4:88) ist fehlgeschlagen.


Microsoft Office:
=========================
Error: (06/27/2015 03:38:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2068 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/02/2015 12:31:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2364 seconds with 2160 seconds of active time. This session ended with a crash.

Error: (12/07/2014 01:12:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8854 seconds with 1680 seconds of active time. This session ended with a crash.

Error: (11/06/2014 10:05:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 669 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/18/2014 11:01:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47515 seconds with 18060 seconds of active time. This session ended with a crash.

Error: (10/06/2014 10:23:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19835 seconds with 5880 seconds of active time. This session ended with a crash.

Error: (07/28/2014 04:11:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29534 seconds with 16380 seconds of active time. This session ended with a crash.

Error: (07/07/2014 08:46:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7323 seconds with 2940 seconds of active time. This session ended with a crash.

Error: (05/24/2014 11:03:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1296 seconds with 360 seconds of active time. This session ended with a crash.

Error: (03/15/2014 09:57:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7475 seconds with 300 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II P320 Dual-Core Processor
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 2812.56 MB
Verfügbarer physikalischer RAM: 1209.31 MB
Summe virtueller Speicher: 5923.43 MB
Verfügbarer virtueller Speicher: 3643.42 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:72.29 GB) (Free:4.73 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Daten) (Fixed) (Total:137 GB) (Free:10.48 GB) NTFS
Drive e: (Nebentätigkeit) (Fixed) (Total:71.5 GB) (Free:12.84 GB) NTFS
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32
Drive g: (SH_SICHERHEIT2015) (CDROM) (Total:5.26 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

==================== Ende vom raportu ============================

heute kam auch noch folgende Meldung:
"Einige Features von AntiBrowserSpy-IE-SocialBlock.exe wurden in allen öffentlichen und privaten Netzwerken von der Windows-Firewall blockiert.

Name: AntiBrowserSpy-IE-SocialBlock.exe
Herausgeber: Unbekannt
Pfad: C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe

Kommunikation von Antibrowserspy-IE-SocialBlock.exe in diesen Netzwerken zulassen:
[] Private Netzwerke, beispielsweise Heim- oder Arbeitsplatznetzwerk
[x] Öffentliche Netzwerke, z.B. in Flughäfen und Cafés (nicht empfohlen, da diese Netzwerke oftmals gar nicht oder nur geringfügig geschützt sind"

Dann bestand die Option "Zugriff zulassen" oder "Abbrechen"

und zum Ende meines heutigen Eintrags bereits vorab vielen Dank an schrauber für die in Aussicht gestellte Hilfe, auch wenn es etwas gedauert hat, bis ich den Scan mit FRST gemacht habe!

W

Alt 23.08.2015, 06:59   #5
schrauber
/// the machine
/// TB-Ausbilder
 

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.08.2015, 10:12   #6
webling
 
C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

FRST-Datei



okay, beim nächsten Mal weiß ich es. Hier also die FRST-Datei


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 03
durchgeführt von Ebling (Administrator) auf HP625 (22-08-2015 11:22:27)
Gestartet von C:\Users\Ebling\Desktop
Geladene Profile: Ebling (Verfügbare Profile: Ebling & Doris & DHBW)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
(AVM Berlin) C:\Program Files\1&1\IGDCTRL.EXE
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
() C:\Program Files\AntiBrowserSpy\BrowserMask.exe
(WiseCleaner.com) C:\Program Files\Wise\Wise Care 365\WiseTray.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaRegistry.exe
() C:\Windows\System32\ieconfig_1und1_svc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(AVM Berlin) C:\Program Files\1&1\Stcenter.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaUI.exe
(Dr. J. Rathlev, D-24222 Schwentinental) C:\Program Files\Personal Backup 5\Persbackup.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-03-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2011-11-12] (IDT, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM\...\runonceex: [ContentMerger] => c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions)
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] ()
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [Google Update] => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-17] (Google Inc.)
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\RunOnce: [Application Restart #0] => C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\1&1 FRITZ!Box starter.lnk [2011-03-15]
ShortcutTarget: 1&1 FRITZ!Box starter.lnk -> C:\Windows\Installer\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}\Icon2457326B4.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-08-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk [2011-02-15]
ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files\Hama\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011-04-24] ()
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk [2014-12-25]
ShortcutTarget: Persbackup.lnk -> C:\Program Files\Personal Backup 5\Persbackup.exe (Dr. J. Rathlev, D-24222 Schwentinental)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [S-1-5-21-1320190850-2687297852-4289220983-1001] => Internet Explorer proxy ist aktiviert.
ProxyServer: [S-1-5-21-1320190850-2687297852-4289220983-1001] => localhost:8088
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
hxxp://www.bild.de/
SearchScopes: HKLM -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {17DEF703-7B02-4191-B3CE-0C5250344CEB} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\.DEFAULT -> {979F1432-D714-4905-B07F-C9CB5EF2462E} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\.DEFAULT -> {E8A98910-41C8-4FEA-9BBF-439433B95BE5} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\.DEFAULT -> {F45BF24A-B4EC-40A7-942F-501104FC55E9} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {06090F73-779E-4FB6-BB0A-FF6807704AF7} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {10FC8F81-E923-4DFC-A0DF-FFABC14D54A6} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {417ACE4C-D557-454E-9A06-CE17AD599530} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {43D89E1D-8489-468F-B390-7D3F79E8C588} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {FC8A9B8F-BE3A-4BBF-82B2-C4427BE73C4B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-03-12] (IObit)
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\System32\ieconfig_1und1.dll [2011-03-15] (mquadr.at software engineering und consulting GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> Kein Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  Keine Datei
Toolbar: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  Keine Datei
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in  Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{666D63E0-1108-40D3-940A-9120699323D7}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A574D06-DDF0-4179-92C5-EAA454D4C1FE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AE1DF2C2-266A-4B0D-840C-FBB55ACD6C7B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BBD08B48-9530-4B32-A8B9-41E57567D632}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2012-01-02]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012-01-02]

Chrome: 
=======
CHR Profile: C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kein Name) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-05-09]
CHR Extension: (Bitdefender Wallet) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-02-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Kostenfinder) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfbgjcggeplmenpepddbemhcjfdapoh [2013-08-08]
CHR Extension: (AntiBrowserSpy - SocialBlock) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2015-05-15]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files\AntiBrowserSpy\Addons\Chrome.crx [2015-05-15]
StartMenuInternet: Google Chrome.B4WUOD3OCN64G3KXDJYLCPUSZE - C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117280 2014-09-05] ()
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [180768 2014-09-05] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files\Hama\Common\RaRegistry.exe [193888 2010-06-01] (Ralink Technology, Corp.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [Datei ist nicht signiert]
R2 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [1053848 2011-03-15] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2011-11-12] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaudio; C:\windows\System32\DRIVERS\avmaudio.sys [101248 2010-11-14] (AVM Berlin)
R3 avmaura; C:\windows\System32\DRIVERS\avmaura.sys [101248 2010-09-12] (AVM Berlin)
R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\windows\System32\drivers\GDBehave.sys [44544 2015-03-29] (G Data Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [101504 2015-03-29] (G Data Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [56832 2015-03-29] (G Data Software AG)
R1 gdwfpcd; C:\windows\System32\drivers\gdwfpcd32.sys [53248 2015-03-29] (G Data Software AG)
R1 GRD; C:\windows\system32\drivers\GRD.sys [29528 2015-03-29] (G Data Software)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [50176 2015-03-29] (G Data Software AG)
R0 hotcore3; C:\windows\System32\DRIVERS\hotcore3.sys [27464 2014-05-19] (Paragon Software Group)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 LVUSBSta; C:\windows\System32\drivers\lvusbsta.sys [22016 2005-01-31] (Logitech Inc.)
R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin)
S3 PID_0928; C:\windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-31] (Logitech Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [10320 2013-09-30] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-04-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [473656 2012-02-04] (Duplex Secure Ltd.)
R3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-03-30] (TeamViewer GmbH)
R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [91016 2014-05-19] ()
R1 Uim_DEVIM; C:\windows\System32\DRIVERS\uim_devim.sys [20616 2014-05-19] ()
R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [540040 2014-05-19] ()
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
R3 WiseHDInfo; C:\windows\WiseHDInfo32.dll [13264 2015-08-01] (wisecleaner.com)
S3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S2 ASPI32; kein ImagePath
U3 DfSdkS; kein ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 11:22 - 2015-08-22 11:23 - 00024754 _____ C:\Users\Ebling\Desktop\FRST.txt
2015-08-22 11:21 - 2015-08-22 11:22 - 00000000 ____D C:\FRST
2015-08-22 11:20 - 2015-08-22 11:20 - 01677824 _____ (Farbar) C:\Users\Ebling\Desktop\FRST.exe
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung.lnk
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung (2).lnk
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\Documents\Bluetooth-Exchange-Ordner
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\AppData\Local\Broadcom
2015-08-20 13:43 - 2010-07-20 13:26 - 00111656 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwavdt.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00088616 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwaudio.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00018728 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwrchid.sys
2015-08-20 13:43 - 2010-07-14 06:25 - 00297000 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwampfl.sys
2015-08-20 13:43 - 2010-03-02 14:37 - 00033320 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwl2cap.sys
2015-08-19 22:31 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-19 22:31 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-19 14:10 - 2015-08-19 18:18 - 00000000 ____D C:\Program Files\Huawei
2015-08-19 14:10 - 2011-10-24 06:04 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_quusbmdm.sys
2015-08-19 14:10 - 2011-10-24 05:51 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_usbdev.sys
2015-08-16 13:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 11:43 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-08-16 11:42 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-16 11:42 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-16 11:42 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-16 11:42 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-16 11:42 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-16 11:42 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-08-16 11:42 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-08-16 11:42 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-16 11:42 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-08-16 11:42 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-08-16 11:42 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-08-16 11:42 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-08-16 11:42 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-08-16 11:42 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-08-16 11:42 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-08-16 11:42 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-08-16 11:42 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 11:42 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-08-16 11:42 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-08-16 11:42 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-08-16 11:42 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-16 11:42 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-08-16 11:42 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-08-16 11:42 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-16 11:42 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-16 11:42 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-16 11:42 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-08-16 11:42 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-08-16 11:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-08-16 11:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-08-16 11:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-08-16 11:42 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-08-16 11:42 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-16 11:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-16 11:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-08-16 11:29 - 2015-08-16 12:29 - 09284296 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerInstaller.exe
2015-08-03 13:48 - 2015-08-03 13:51 - 00000000 ____D C:\windows\rescache
2015-08-02 09:29 - 2015-08-02 09:29 - 02232320 _____ C:\windows\system32\config\DEFAULT.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00094208 _____ C:\windows\system32\config\SAM.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00028672 _____ C:\windows\system32\config\SECURITY.rhk
2015-08-02 09:25 - 2015-08-02 09:29 - 73924608 _____ C:\windows\system32\config\SOFTWARE.rhk
2015-08-01 16:09 - 2015-08-22 11:09 - 01162952 _____ C:\windows\WindowsUpdate.log
2015-08-01 16:08 - 2015-08-01 16:08 - 00133048 _____ C:\Users\Ebling\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-01 16:07 - 2015-08-22 10:57 - 00007956 _____ C:\windows\setupact.log
2015-08-01 16:07 - 2015-08-01 16:07 - 00000000 _____ C:\windows\setuperr.log
2015-08-01 16:06 - 2015-08-16 18:29 - 00467536 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-01 16:06 - 2015-08-01 16:06 - 00001772 _____ C:\windows\PFRO.log
2015-08-01 10:39 - 2015-08-22 10:57 - 00000378 _____ C:\windows\Tasks\Wise Care 365.job
2015-08-01 10:39 - 2015-08-20 10:00 - 00000406 _____ C:\windows\Tasks\Wise Turbo Checker.job
2015-08-01 10:31 - 2015-08-01 16:07 - 00000546 _____ C:\windows\Tasks\Wise Care 365 PC Checkup Task.job
2015-08-01 10:27 - 2015-08-22 10:58 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00013264 _____ (wisecleaner.com) C:\windows\WiseHDInfo32.dll
2015-08-01 10:27 - 2015-08-01 10:27 - 00001118 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\Program Files\Wise
2015-08-01 10:23 - 2015-08-01 10:23 - 06043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe
2015-07-28 09:04 - 2015-07-28 09:04 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-28 09:04 - 2015-07-28 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-28 08:54 - 2015-07-28 08:54 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-25 17:20 - 2015-07-25 17:20 - 06962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-22 11:17 - 2012-09-18 23:36 - 00002664 _____ C:\Users\Ebling\Desktop\Google Chrome.lnk
2015-08-22 11:17 - 2012-09-18 23:29 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job
2015-08-22 11:12 - 2010-09-25 11:38 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-22 11:07 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-22 11:07 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-22 10:58 - 2011-02-15 18:17 - 00000432 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-08-22 10:57 - 2010-09-25 11:38 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-22 10:57 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-20 21:30 - 2014-11-11 20:35 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-20 13:50 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-20 13:49 - 2012-01-03 01:14 - 00000000 ____D C:\Program Files\AntiBrowserSpy
2015-08-20 13:35 - 2010-09-11 15:51 - 00000000 ____D C:\Users\Ebling
2015-08-20 13:35 - 2010-07-01 15:50 - 00000000 ____D C:\Program Files\Broadcom
2015-08-20 11:48 - 2010-09-18 11:50 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForEbling.job
2015-08-19 20:12 - 2012-09-18 23:29 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job
2015-08-19 18:52 - 2010-06-11 20:30 - 01629212 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-19 14:10 - 2014-02-02 15:03 - 00000764 _____ C:\NSI_DriverInstall.log
2015-08-19 14:09 - 2012-06-09 22:00 - 00000000 ____D C:\Program Files\Handset WinDriver
2015-08-17 10:32 - 2014-11-07 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-08-17 10:18 - 2014-11-07 00:01 - 00000000 ____D C:\Program Files\TomTom HOME 2
2015-08-17 10:15 - 2011-08-13 16:07 - 00000000 ____D C:\Users\Ebling\AppData\Local\Downloaded Installations
2015-08-16 22:29 - 2012-08-23 19:54 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-16 19:45 - 2014-09-29 22:19 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\HpUpdate
2015-08-16 19:29 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET
2015-08-16 18:26 - 2014-12-10 04:15 - 00000000 ____D C:\windows\system32\appraiser
2015-08-16 18:26 - 2014-05-06 21:54 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-16 18:26 - 2010-06-11 20:42 - 00000000 ____D C:\windows\system32\Drivers\de-DE
2015-08-16 18:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE
2015-08-16 13:53 - 2010-09-11 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 13:52 - 2015-04-19 18:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 13:52 - 2011-05-04 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 13:47 - 2013-08-15 17:30 - 00000000 ____D C:\windows\system32\MRT
2015-08-16 13:30 - 2010-09-16 19:47 - 129304528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-08-16 12:29 - 2012-05-25 10:47 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-08-16 12:29 - 2011-06-04 12:20 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-16 11:24 - 2010-06-11 20:47 - 00000000 ____D C:\ProgramData\PDFC
2015-08-01 10:46 - 2010-09-11 18:02 - 00000000 __RHD C:\MSOCache
2015-08-01 10:32 - 2015-03-12 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-08-01 10:32 - 2014-03-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2015-08-01 10:32 - 2012-05-27 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-08-01 10:32 - 2012-03-07 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager
2015-08-01 09:36 - 2013-05-09 22:58 - 00000000 ____D C:\Users\Ebling\AppData\Local\CrashDumps
2015-07-31 18:12 - 2015-03-29 18:16 - 00000400 _____ C:\windows\Tasks\One-Click Optimizer WO11.job
2015-07-30 20:36 - 2015-05-09 08:58 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Update Manager
2015-07-29 21:26 - 2014-09-29 22:18 - 00000000 ____D C:\ProgramData\HP
2015-07-29 20:06 - 2010-09-11 15:55 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Hewlett-Packard
2015-07-28 09:04 - 2011-12-01 22:27 - 00000000 ____D C:\Program Files\iTunes
2015-07-28 09:03 - 2012-06-16 13:21 - 00000000 ____D C:\Program Files\iPod
2015-07-28 09:02 - 2015-04-17 16:42 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\Program Files\QuickTime
2015-07-27 11:02 - 2015-04-23 18:47 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\iFunbox_UserCache
2015-07-26 21:03 - 2015-01-21 23:40 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieBrowserModeList
2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieUserList
2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieSiteList
2015-07-25 18:07 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-25 09:08 - 2015-03-28 20:40 - 00000000 ___SD C:\windows\system32\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-09 09:02 - 2015-05-09 09:02 - 2204160 _____ () C:\Program Files\adwcleaner_4.203.exe
2015-05-03 22:35 - 2015-05-03 22:35 - 0891224 _____ (AMD) C:\Program Files\amddriverdownloader.exe
2014-02-27 18:57 - 2013-05-19 17:18 - 13431464 _____ () C:\Program Files\anytrans-setup.exe
2015-03-29 18:02 - 2015-03-29 18:02 - 28444000 _____ (Ashampoo GmbH & Co. KG                                      ) C:\Program Files\ashampoo_winoptimizer_2015_18590.exe
2011-04-24 07:47 - 2011-04-24 07:47 - 0620972 _____ () C:\Program Files\Autoruns.zip
2012-07-17 22:53 - 2012-07-17 22:51 - 0883840 _____ () C:\Program Files\Avira-DE-Cleaner.exe
2015-03-06 15:20 - 2015-03-06 15:20 - 2314104 _____ () C:\Program Files\avira_pc_cleaner_de.exe
2013-10-08 13:20 - 2015-07-05 11:04 - 0027155 _____ () C:\Program Files\Changes.txt
2014-06-09 18:25 - 2014-06-09 18:24 - 0277107 _____ () C:\Program Files\clonepartition.rar
2013-05-29 15:04 - 2013-09-09 18:55 - 8334304 _____ (WindSolutions) C:\Program Files\CopyTransManager.exe
2010-08-29 15:08 - 2015-07-05 11:04 - 0000067 _____ () C:\Program Files\Core Temp Gadget & Addons.url
2013-10-08 13:22 - 2015-07-05 11:04 - 0794272 _____ () C:\Program Files\Core Temp.exe
2015-07-05 10:58 - 2015-07-05 10:58 - 0734473 _____ () C:\Program Files\CoreTemp_106.zip
2011-07-22 08:15 - 2011-07-22 08:15 - 0000000 _____ () C:\Program Files\ctapi_out_gr.txt
2011-02-22 13:48 - 2011-02-22 13:48 - 0175007 _____ () C:\Program Files\DirPrintOK292_Installer.zip
2012-05-02 15:44 - 2012-05-02 15:57 - 50449456 _____ (Microsoft Corporation) C:\Program Files\dotNetFx40_Full_x86_x64.exe
2014-02-27 18:57 - 2013-01-21 02:36 - 68765992 _____ (Landesfinanzdirektion Thüringen) C:\Program Files\ElsterFormular-14.0.0.10960p.exe
2012-07-17 22:06 - 2012-06-05 20:14 - 7207866 _____ (FreeDownloadManager.ORG                                     ) C:\Program Files\fdminst.exe
2011-11-13 16:42 - 2011-11-13 16:45 - 14598944 _____ (Mozilla) C:\Program Files\Firefox Setup 8.0.exe
2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\FirstBackup.spg
2013-10-26 10:31 - 2013-10-26 10:21 - 31162768 _____ () C:\Program Files\FreeAudioConverter-5.0.30.1022.exe
2015-05-03 18:51 - 2015-05-03 18:51 - 30650288 _____ () C:\Program Files\FreeVideoToMP3Converter.exe
2014-01-05 13:49 - 2014-01-05 13:48 - 32244744 _____ () C:\Program Files\FreeYouTubeDownload-3.2.20.1230.exe
2014-02-27 18:57 - 2013-01-11 23:56 - 18291784 _____ (AVM Berlin                                                  ) C:\Program Files\FRITZ!fax_3.07.04 (1).exe
2013-01-06 21:34 - 2013-01-06 21:32 - 18291784 ____N (AVM Berlin                                                  ) C:\Program Files\FRITZ!fax_3.07.04.exe
2011-11-20 18:38 - 2011-09-08 07:23 - 0148923 _____ () C:\Program Files\FRITZ.Box Fon WLAN 7170 (UI) 29.04.80_08.09.11_0723.export
2012-08-27 20:20 - 2012-08-27 20:27 - 28952353 _____ () C:\Program Files\HiSuiteSetup V1.6.10.08.zip
2015-07-21 18:05 - 2015-07-21 18:05 - 5493352 _____ (Marx Software                                               ) C:\Program Files\IDM05Setup.exe
2015-04-23 18:41 - 2015-04-23 18:41 - 21348024 _____ (                                                            ) C:\Program Files\ifunbox_setup.exe
2014-02-27 18:57 - 2013-09-09 18:46 - 4279392 _____ (WindSolutions) C:\Program Files\Install_CopyTrans_Suite.exe
2011-08-12 16:25 - 2011-08-12 16:25 - 2118933 _____ (Marx Softwareentwicklung                                    ) C:\Program Files\IPESetup09261.exe
2012-10-12 22:31 - 2012-10-12 22:31 - 0077236 _____ (AppWork UG (haftungsbeschränkt)) C:\Program Files\jDownloaderWebInstaller09581.exe
2014-02-27 18:57 - 2014-02-15 14:36 - 30796712 _____ (Oracle Corporation) C:\Program Files\jre-7u51-windows-x64.exe
2014-02-27 18:57 - 2013-05-08 20:44 - 4894912 _____ (Kaspersky Lab ZAO) C:\Program Files\kavremover.exe
2012-01-05 18:39 - 2013-09-09 18:55 - 0012943 _____ () C:\Program Files\License Agreement.rtf
2010-06-30 18:32 - 2015-07-05 11:04 - 0006594 _____ () C:\Program Files\License.txt
2011-04-09 07:18 - 2011-04-09 07:18 - 11239256 _____ (deepinvent Software GmbH                                    ) C:\Program Files\MailStoreHomeSetup-4.2.0.5431.exe
2014-04-18 08:42 - 2014-04-18 08:43 - 28875706 _____ () C:\Program Files\MediathekView_6.zip
2010-09-24 18:34 - 2010-09-24 18:34 - 0002120 _____ () C:\Program Files\mobile
2012-09-02 14:02 - 2012-09-02 14:02 - 0290154 _____ () C:\Program Files\mp3DirectCut2.16.exe
2011-03-06 14:48 - 2011-03-06 14:48 - 0417048 _____ (Yahoo! Inc.) C:\Program Files\msgr10de.exe
2014-09-01 14:24 - 2014-09-01 14:24 - 10530167 _____ (J. Rathlev                                                  ) C:\Program Files\pb-setup-5.5.1000.exe
2014-04-16 09:26 - 2014-04-16 09:26 - 16587248 _____ (Tracker Software Products Ltd                               ) C:\Program Files\PDFX142Vwer.exe
2012-12-02 00:54 - 2012-12-02 00:59 - 15271824 _____ (Google Inc.) C:\Program Files\picasa39-setup.exe
2014-02-27 18:57 - 2013-05-20 14:16 - 15102976 _____ (MiniTool Solution Ltd.                                      ) C:\Program Files\pwhe78.exe
2010-09-06 03:55 - 2015-07-05 11:04 - 0003630 _____ () C:\Program Files\Readme.txt
2014-06-28 16:18 - 2014-06-28 16:18 - 2617176 _____ (VS Revo Group Ltd.) C:\Program Files\revosetup193.exe
2013-04-19 23:21 - 2013-04-19 23:23 - 6018162 _____ () C:\Program Files\Root_Y200_v5.zip
2013-02-17 17:48 - 2013-02-17 17:48 - 5193621 _____ () C:\Program Files\Samsung-PC-Editor.rar
2013-02-17 17:55 - 2013-02-17 17:55 - 6845297 _____ () C:\Program Files\Samsung_ChannelListPCEditor_1.09.zip
2014-02-27 18:57 - 2014-02-15 21:24 - 3930129 _____ () C:\Program Files\Setup_Migraene-Tagebuch.exe
2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\sg_backup_2010-09-23-2050.spg
2015-07-25 17:20 - 2015-07-25 17:20 - 6962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe
2011-02-16 16:26 - 2011-02-16 16:26 - 21683544 _____ (Hewlett-Packard Company                                     ) C:\Program Files\sp49541.exe
2013-04-20 12:43 - 2013-04-20 12:43 - 0627688 _____ () C:\Program Files\Superuser-3.0.7-efghi-signed.zip
2014-06-09 18:51 - 2014-06-09 18:51 - 0583496 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\tb_free_installer.exe
2010-09-23 20:46 - 2010-09-23 20:46 - 0655360 _____ (Speed Guide Inc.) C:\Program Files\TCPOptimizer.exe
2012-11-17 12:48 - 2012-11-17 12:49 - 3167176 _____ (TeamViewer) C:\Program Files\TeamViewerQS_de.exe
2009-10-20 00:43 - 2009-10-20 00:43 - 0047104 _____ () C:\Program Files\Thumbs.db
2014-11-06 23:57 - 2014-11-06 23:57 - 31119112 _____ () C:\Program Files\TomTomHOME2winlatest.exe
2015-08-01 10:23 - 2015-08-01 10:23 - 6043448 _____ (WiseCleaner.com                                             ) C:\Program Files\WiseCare365_373DE.exe
2014-05-18 20:19 - 2014-05-18 20:19 - 0699943 _____ () C:\Program Files\wmv2-1.9.8.exe
2015-03-29 19:10 - 2015-03-29 19:10 - 0000000 _____ () C:\Users\Ebling\AppData\Roaming\gdfw.log
2015-03-29 19:10 - 2015-03-29 19:10 - 0000779 _____ () C:\Users\Ebling\AppData\Roaming\gdscan.log
2011-02-16 15:58 - 2011-05-21 20:59 - 0001849 _____ () C:\Users\Ebling\AppData\Roaming\GhostObjGAFix.xml
2011-07-02 21:02 - 2011-07-02 21:03 - 0038452 _____ () C:\Users\Ebling\AppData\Roaming\Microsoft Excel 97-2003.ADR
2011-08-13 19:00 - 2012-01-23 20:20 - 0001570 _____ () C:\Users\Ebling\AppData\Roaming\MyMicroBalanceConfig.ini
2012-09-02 14:21 - 2014-07-31 17:27 - 0004608 _____ () C:\Users\Ebling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-06 14:44 - 2011-03-06 14:44 - 0000209 _____ () C:\Users\Ebling\AppData\Local\GLFEDA7.tmp
2014-03-15 10:27 - 2014-03-15 10:27 - 0004096 ____H () C:\Users\Ebling\AppData\Local\keyfile3.drm
2012-03-10 11:45 - 2012-03-10 11:45 - 0000017 _____ () C:\Users\Ebling\AppData\Local\resmon.resmoncfg
2012-11-25 03:31 - 2012-11-25 03:31 - 0017408 _____ () C:\Users\Ebling\AppData\Local\WebpageIcons.db
2014-02-15 10:42 - 2014-02-15 10:42 - 1364399 _____ () C:\ProgramData\1392451495.bdinstall.bin
2014-03-20 14:55 - 2014-03-20 14:55 - 0253886 _____ () C:\ProgramData\1395319610.bdinstall.bin
2014-03-20 15:54 - 2014-03-20 15:54 - 1108989 _____ () C:\ProgramData\1395320619.bdinstall.bin
2014-03-20 15:59 - 2014-03-20 15:59 - 0056385 _____ () C:\ProgramData\1395323941.bdinstall.bin
2014-03-20 16:31 - 2014-03-20 16:31 - 3180570 _____ () C:\ProgramData\1395324509.bdinstall.bin
2014-09-29 22:18 - 2014-09-29 22:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-12-24 01:00 - 2011-12-24 01:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-02-16 13:56 - 2014-06-25 20:24 - 10981376 _____ () C:\ProgramData\sandra.mda
2014-12-26 18:30 - 2014-12-26 18:30 - 0001534 _____ () C:\ProgramData\ss.ini
2011-02-16 14:03 - 2014-06-25 20:03 - 0000000 _____ () C:\ProgramData\xml3D4F.tmp
2011-02-16 14:03 - 2014-12-06 11:49 - 0015350 _____ () C:\ProgramData\xml4155.tmp
2011-02-16 14:03 - 2011-02-16 14:03 - 0001629 _____ () C:\ProgramData\xml428E.tmp
2014-12-06 11:49 - 2014-12-06 11:49 - 0006028 _____ () C:\ProgramData\xml4E12.tmp

Einige Dateien in TEMP:
====================
C:\Users\Doris\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ebling\AppData\Local\Temp\btins.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-03 10:45

==================== Ende vom raportu ============================
         
--- --- ---

Alt 23.08.2015, 11:25   #7
webling
 
C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



und hier die Addition-Datei:

FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-08-2015 03
durchgeführt von Ebling (2015-08-22 11:26:05)
Gestartet von C:\Users\Ebling\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1320190850-2687297852-4289220983-500 - Administrator - Disabled)
DHBW (S-1-5-21-1320190850-2687297852-4289220983-1007 - Limited - Enabled) => C:\Users\DHBW
Doris (S-1-5-21-1320190850-2687297852-4289220983-1002 - Limited - Enabled) => C:\Users\Doris
Ebling (S-1-5-21-1320190850-2687297852-4289220983-1001 - Administrator - Enabled) => C:\Users\Ebling
Gast (S-1-5-21-1320190850-2687297852-4289220983-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1320190850-2687297852-4289220983-1011 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1und1 Internet Explorer Add-On (Version: 1.0 - 1&1 Internet AG) Hidden
7-Zip 4.65 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Anti-Twin (Installation 12/29/2011) (HKLM\...\Anti-Twin 2011-12-29 18.43.19) (Version:  - Joerg Rosenthal, Germany)
AnyTrans 3.4.1 (HKLM\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 3.4.1 - iMobie Inc.)
Apple Application Support (32-Bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{992F7E6B-58D4-428A-B574-082C0884423E}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
ccc-core-static (Version: 2011.0316.116.298 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloneSpy 2.62 (HKLM\...\CloneSpy) (Version:  - CloneSpy)
COMPUTERBILD-Abzockschutz (HKLM\...\{6F03FF16-24BF-4887-9EBA-280CF7657A54}) (Version: 1.0.42 - J3S)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Der grandiose Bildverkleinerer 1.7b (HKLM\...\Der grandiose Bildverkleinerer) (Version: 1.7b - )
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DirPrintOK (HKLM\...\DirPrintOK) (Version:  - )
EaseUS Partition Master 10.5 (HKLM\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen)
Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Everything 1.2.1.371 (HKLM\...\Everything) (Version:  - )
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video Flip and Rotate version 2.1.7.422 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.7.422 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.58.415 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
FreeRIP MP3 Converter 4.5.3 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
G Data InternetSecurity CBE (HKLM\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM\...\{15F02176-0D12-4FAF-B2CD-2767C7781427}) (Version: 3.0.4993 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google+ Auto Backup) (Version: 1.0.24.118 - Google, Inc.)
GoogleClean (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
Hama Wireless LAN Adapter (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama)
Hama Wireless LAN Adapter (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama)
Handset WinDriver 1.02.03.00 (HKLM\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.)
HiSuite (HKLM\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd)
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{C2686567-5A9A-4B6D-B965-7A5E26F73A25}) (Version: 1.1.3.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Setup (HKLM\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{DA200FDD-DE3D-4958-8465-C4FBC869544B}) (Version: 3.5.20.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.25.0 - Roxio)
HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50014.0 - Sonix)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackupBot 5.2.5 (HKLM\...\iBackupBot) (Version: 5.2.5 - VOWSoft, Ltd.)
iDevice Manager (HKLM\...\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1) (Version: 5.0.0.0 - Marx Software)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
iFunbox (v2.95.2610.819), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.95.2610.819 - )
iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Licensing Service Install (HKLM\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.1 (HKLM\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version:  - MiniTool Solution Ltd.)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
miTracker 1.1.4 (HKLM\...\miTracker) (Version: 1.1.4 - Vitarsoft Co. Limited.)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMicroBalance (HKLM\...\{1AE1CCB0-DF19-44DF-B8C8-8E259F63B028}) (Version: 2.5.3 - Trusted Bytes Softwareentwicklung e.U.)
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version:  - )
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Festplatten Manager™ 2011 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc)
PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PhoneClean 2.1.6 (HKLM\...\{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1) (Version: 2.1.6 - iMobie Inc.)
PhotoFiltre (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre) (Version:  - )
PhotoFiltre Studio X (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre Studio X) (Version:  - )
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
POP and IMAP Troubleshooter (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PopImapTroubleshooter) (Version: 0.1 - Google)
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.39 - Piriform)
Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version:  - )
SiSoftware Sandra Lite 2011.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.36.2011.2 - SiSoftware)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SmartTools Office DDE-Fix (HKLM\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Snapfish Fotobuch (HKLM\...\Snapfish Fotobuch) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{F158CFB3-2C04-4138-9556-B9C3D5A89CF4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System.Data.SQLite v1.0.81.0 (HKLM\...\{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1) (Version: 1.0.81.0 - System.Data.SQLite Team)
TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH)
TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trainingssoftware (HKLM\...\{7C33F907-7A81-48B8-BD2D-D851C5FA9EFC}) (Version: 1.0.0 - IKE Software Solutions)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.7 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Wise Care 365 3.73 (HKLM\...\Wise Care 365_is1) (Version: 3.73 - WiseCleaner.com, Inc.)
WMV9/VC-1 Video Playback (Version: 1.0.60316.0158 - ATI Technologies Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0006F045-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AFACED1-E828-11D1-9187-B532F1E9575D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{71C3BF7F-682F-4B5E-9E47-5C25D3AC9458}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{8F170678-2A97-4D59-89A1-7A0A71C1B677}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> kein Dateipfad

==================== Wiederherstellungspunkte =========================

16-08-2015 13:24:16 Windows Update
17-08-2015 10:16:36 Installed TomTom HOME.
17-08-2015 10:30:13 Removed TomTom HOME.
19-08-2015 22:30:53 Windows Update
20-08-2015 13:36:19 Installed Bluetooth Software

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2013-11-09 04:23 - 00000893 ____N C:\windows\system32\Drivers\etc\hosts
127.0.0.1 www.google-analytics.com
127.0.0.1 google-analytics.com


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01979C6F-F3CD-4ADF-850A-D355D7DBF1E2} - System32\Tasks\{D7B22B5B-FEF4-45DD-BBD7-DDD4B3D3BD98} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {07BC50FA-DF6F-41CB-9167-7FC771DE5D0E} - System32\Tasks\{BF456A74-A282-4513-BE6C-DCEC0EDB9173} => pcalua.exe -a "C:\Program Files\SmartTools\SmartTools Office DDE-Fix.exe" -d "C:\Program Files\SmartTools"
Task: {0CD0B4DA-4EF0-4CEA-B9E6-E216CF647833} - System32\Tasks\{734BA5A5-D0D3-413C-A06E-1334EA7C253A} => pcalua.exe -a "H:\WISO\Steuersoftware 2015\WISOSteuersoftware2015 (1).exe" -d "H:\WISO\Steuersoftware 2015"
Task: {0D0F5B0A-9C80-49E0-ACF1-ED2D99D3963B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {133132F4-A462-4221-9918-D1E109459994} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-13] ()
Task: {1490F15A-500B-48F8-A1B6-CD708B60A869} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {231BF404-97D8-4B25-823E-2EEA520D3319} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {24F1B7B9-C2DA-4872-82DF-78F6957EA702} - System32\Tasks\{EAAA07BA-9CB7-4E2A-B8AB-9B51384CBF79} => pcalua.exe -a C:\windows\IsUn0407.exe -c -f"C:\Program Files\FRITZ!\Uninst.isu" -c"C:\Program Files\FRITZ!\UNINST.DLL"
Task: {295090DA-E78F-4DBC-9965-0937ACB7F00F} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files\AntiBrowserSpy\BrowserMask.exe [2014-01-13] ()
Task: {2A74942C-6BCB-4059-8646-F38427E9E926} - System32\Tasks\Google Updater and Installer => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {314EFBE2-4FB4-4363-BC33-95BD2D0C199D} - System32\Tasks\HPCeeScheduleForEbling => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {33EAEE3C-E0B9-46D9-A740-23FBC29BEA0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {34D6170E-7F66-43DE-92AA-51121A2FB431} - System32\Tasks\One-Click Optimizer WO11 => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe [2015-01-05] (Ashampoo Development GmbH & Co. KG)
Task: {47C8A5FF-A6CA-49DB-A739-DD959BC47F21} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {5BF671C8-011A-460A-99B5-366A17D75C6E} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe [2015-05-12] (WiseCleaner.COM)
Task: {640420A2-1CD1-4541-91A8-2D13AEEF61A5} - System32\Tasks\{782CEE39-1246-4CF0-BF80-77CA87BA991F} => pcalua.exe -a H:\InstallTomTomHOME.exe -d H:\
Task: {6DD37970-9D6C-420D-A55B-205B563BB395} - System32\Tasks\{DAD58C6D-7B0D-449A-873D-CA8C01E5FDC1} => C:\Program Files\iMobie\AnyTrans\anytrans-setup.exe [2013-05-19] ()
Task: {70BFAB2A-6C59-4B2E-8435-4E319F28F7AE} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe [2015-07-01] (WiseCleaner.com)
Task: {71F4526D-6F16-446D-9F58-81D891E12DCD} - System32\Tasks\{890ED934-859F-4552-B0DC-F478B34CFB2F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.0.0.152/de/go/help.faq.installer?LastError=1603
Task: {80F50AED-FAF1-4F20-94DD-E15F2C60E6E8} - System32\Tasks\{0B46AF53-A2FB-4098-BCB8-5E86A4457EB7} => pcalua.exe -a "C:\Program Files\SmartTools\Office DDE-Fix\uninstall.exe" -d "C:\Program Files\SmartTools\Office DDE-Fix"
Task: {80F9E998-4AB6-4377-9B91-521DD6141DE2} - System32\Tasks\{48C16FF1-F5E1-40A1-9BD6-EE8DA774B726} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {811A6051-40F0-4085-BB3B-6F577CCA5B7C} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {81A420AF-3DA2-462B-B3D8-796DF4E2C60A} - System32\Tasks\{E508F5B1-0FFE-4648-861C-C3B3A77109F3} => pcalua.exe -a "C:\Program Files\FRITZ!Box\FRITZ!fax_3.07.04.exe" -d "C:\Program Files\FRITZ!Box"
Task: {88D05C53-BF29-41FC-8A4F-B8209C8AB5A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8B11E630-046A-43CF-B73A-930B0CE305C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {8D02AB57-24BF-4370-9117-62250A647186} - System32\Tasks\{CDE98B08-CC91-4969-BD47-3D0DBF714EEF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {8E7BDED3-155B-4581-B97D-92DA9F8FE5C5} - System32\Tasks\ASC8_SkipUac_Ebling => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: {8F503074-A26D-4DEC-9EDC-E9416CBF32B6} - System32\Tasks\{48F2F052-31D6-4307-8BA0-EA9DB63FAFAF} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {904E8419-36B7-4F8D-B3DF-B43242CE78CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {908D6E9A-4122-418D-AF2A-07C2F1DB3436} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
Task: {921512E0-3959-4FA8-BAA4-AE58DEA62E50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {95224B42-2574-4EA7-8C4C-BBA507E88A85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {95946CEF-BBB5-44EA-B9F7-2B00B060CD98} - System32\Tasks\{40FAF4F9-93F5-4266-B1FF-0D111039189A} => pcalua.exe -a "C:\Program Files\iview430g_setup.exe" -d C:\Users\Ebling\Desktop
Task: {9A36F8F5-7717-472E-BCA6-85FC241B45CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {9B9B14A7-54D1-453C-AFEE-E91D118F3B31} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe
Task: {9CC38FA3-C263-44D3-9DEC-2D75EFD699BC} - System32\Tasks\{1D954EBB-64CB-4FBA-BF3A-20D806CCF871} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {B744F1FB-F29F-464E-AB93-9D81D3D2D28A} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-13] ()
Task: {B8AF33E7-CFDB-4410-A365-6593DC01A192} - System32\Tasks\Uninstaller_SkipUac_Ebling => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {C6136B4B-1487-4868-9914-75136056ABD1} - System32\Tasks\{DD71730C-F8FF-4900-86CE-BE6EEDFD9428} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -d C:\windows\system32 -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {CB1078AD-B5F2-4DC1-8562-52E51BB18B43} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {CCCDDC80-D966-4940-8B67-4187F134A4A9} - System32\Tasks\HPCeeScheduleForHP625$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {CF723268-1BCF-454E-938C-2279828B9184} - System32\Tasks\{6EEE5437-4E2D-40EB-911F-A6C858C971FB} => pcalua.exe -a "C:\Program Files\Google\Picasa3\Uninstall.exe"
Task: {D8854C4B-75DA-4B07-BDE5-1424B67FF13C} - System32\Tasks\{E2634312-8A42-4EBF-A6EC-E194A5615141} => pcalua.exe -a "C:\Program Files\FRITZ!fax_3.07.04.exe" -d "C:\Program Files"
Task: {DA27E8F3-6587-46EF-AEFF-A1904A36D21A} - System32\Tasks\Wise Care 365 => C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2015-06-04] (WiseCleaner.com)
Task: {DB0E0E0B-036C-440E-8614-02291AC4A684} - System32\Tasks\{16FE68E3-8085-4DE4-BBB7-DB8ED9F20C62} => pcalua.exe -a "C:\Users\Ebling\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLQGS4AV\sp48591[1].exe" -d C:\Users\Ebling\Desktop
Task: {DF21E094-5EE5-4916-8AA8-5079BA6F1785} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {EAD8E160-4EB7-44C6-8388-7595B0CBBB11} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe
Task: {F037DEC8-361B-43FB-B03E-A9D31575BA3F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {F402D984-6BEC-4B64-AA36-D3C005440D04} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FBCE29B2-17E0-4A73-958C-838E5BBD1E89} - System32\Tasks\{49950F46-4A32-40C2-B8EB-8A7B7344E019} => pcalua.exe -a "D:\1-Wilfried\Nebentätigkeiten\0-Lehrauftrag-Baureferendare\Rheinland-Pfalz\Foliensatz für Baureferendare 2011\iview430g_setup.exe" -d C:\Users\Ebling\Desktop

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForEbling.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForHP625$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe
Task: C:\windows\Tasks\One-Click Optimizer WO11.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe
Task: C:\windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files\Wise\Wise Care 365\WiseCare365.exe
Task: C:\windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: C:\windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-04 20:00 - 2001-10-28 17:42 - 00116224 _____ () C:\windows\System32\pdfcmnnt.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-18 14:52 - 2014-09-05 09:40 - 00117280 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
2015-07-18 14:52 - 2014-09-05 09:40 - 00180768 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
2015-05-15 19:04 - 2014-01-13 10:08 - 01136640 _____ () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00778240 _____ () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00823424 _____ () C:\Program Files\AntiBrowserSpy\BrowserMask.exe
2011-03-15 13:03 - 2011-03-15 13:03 - 01053848 ____N () C:\Windows\System32\ieconfig_1und1_svc.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00287864 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll
2011-02-15 17:38 - 2010-06-14 15:38 - 00984416 _____ () C:\Program Files\Hama\Common\RaWLAPI.dll
2011-03-14 14:20 - 2011-03-14 14:20 - 00098304 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-16 01:14 - 2011-03-16 01:14 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2015-08-16 12:22 - 2015-08-08 02:13 - 01405768 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-16 12:22 - 2015-08-08 02:13 - 00081224 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-16 12:22 - 2015-08-08 02:13 - 16393032 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ibackupbot_setup.exe:BDU
AlternateDataStreams: C:\wm2014xxl.exe:BDU
AlternateDataStreams: C:\Program Files\ashampoo_winoptimizer_2015_18590.exe:BDU
AlternateDataStreams: C:\Program Files\avira_pc_cleaner_de.exe:BDU
AlternateDataStreams: C:\Program Files\PDFX142Vwer.exe:BDU
AlternateDataStreams: C:\Program Files\revosetup193.exe:BDU
AlternateDataStreams: C:\Program Files\Setup_Migraene-Tagebuch.exe:BDU
AlternateDataStreams: C:\Program Files\tb_free_installer.exe:BDU
AlternateDataStreams: C:\Program Files\TomTomHOME2winlatest.exe:BDU
AlternateDataStreams: C:\Program Files\wmv2-1.9.8.exe:BDU
AlternateDataStreams: C:\windows\system32\atibtmon.exe:AGC
AlternateDataStreams: C:\Users\Ebling\OJ6500_E710n-z_1315-1.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Classes\.exe:  =>  <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk => C:\windows\pss\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\windows\pss\Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk => C:\windows\pss\TraXEx PC-Putzer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ebling^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\windows\pss\Persbackup.lnk.Startup
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: estar => C:\System.Sav\Util\HideDOS.EXE C:\System.Sav\util\estartwk\twk7.bat
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: iFunBox Fast App Install Handler => C:\Program Files\i-Funbox DevTeam\iFunBox.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => ~"C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: miTracker => C:\Program Files\miTracker\miTracker.exe
MSCONFIG\startupreg: Mobile Partner => C:\Program Files\HiSuite\HiSuite.exe -s
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: UM => C:\Users\Ebling\AppData\Roaming\Update Manager\UM.EXE

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{1FB21EF4-B2D9-46D3-9143-81A824193170}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{DA70798B-6C74-4314-9E85-0AD7EA3FFA4D}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{D398DBA3-5B1A-4115-A443-1555995590FA}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C6E9E309-E04A-4465-AB54-A8C3BBD0D257}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{34A2C04A-52FD-4633-B7BB-E7E8B7B8E06E}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe
FirewallRules: [{35F1465C-4094-4338-B217-7DE418ECC2AA}] => (Allow) G:\fsetup.exe
FirewallRules: [{0771C26A-3465-4A63-A3FB-5DEB25174563}] => (Allow) G:\fsetup.exe
FirewallRules: [{9C8EEAC4-C79E-4645-A345-338396030737}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{D194DF3A-FFF0-4543-8EE4-2AF55A8E73F5}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{9AA67938-324E-4F9A-A3FD-09CE569F0070}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{7BA68422-AA22-4466-857F-D9E00534E399}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{70A20D15-4578-458B-B6F1-133FB02F5710}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5E420C5-9698-499C-B6CF-25C51A6B905A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{023C21EE-16A0-4373-9E02-AE44FC9F9843}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F2DE679E-9EA9-4C6F-B596-E6E80E9394BA}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{796FA458-B5B4-4C0D-913E-C5CDA12E37BC}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{912DA99B-4816-4BFF-9B2E-C88D8EFB0407}] => (Allow) C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C23F3B2D-F668-4510-ABC5-3AD89244CC22}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{98BA9B42-D287-4D0B-9C3A-D7200D181C49}] => (Allow) LPort=2869
FirewallRules: [{BAA9DC4F-E2C2-45A1-83FE-9E71AF8AD65D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{85D82E3B-5F42-4FE2-8993-64F99282E680}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [UDP Query User{C35FA939-86A0-4E6B-9AAF-B4DCD5E7102C}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [{3A9FC52B-A777-4ABC-ABAF-DF0880AD4A4E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{257885B6-6087-4E56-861F-72F48D255233}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{7D264A39-5051-4918-A99E-F3EBE90AD86F}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{F428979F-E951-4291-A592-369F7760DF42}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{4DA75E71-DD81-4198-B34A-64F14B9DA25E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{9033FD3A-8909-4C19-8130-4AF6CB8A2296}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E45CB4B1-E05C-4C78-9A1A-4B5AA6D03B9C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\RpcSandraSrv.exe
FirewallRules: [{27FF653E-2A0D-4C5D-8401-30DB0FB5BB27}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{B7891E7C-022C-47E0-AA42-FACA7E4B6B2E}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{4FFA83CB-C837-4B93-87FC-FE0FDAE91AC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DBBF42D8-C004-414B-B6D5-6819FC95219F}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe
FirewallRules: [UDP Query User{180E934D-78A8-4E31-BA12-CAE8FEF7D41D}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/16/2015 09:34:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224
Name des fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14079.176, Zeitstempel: 0x532a4adc
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0008cf92
ID des fehlerhaften Prozesses: 0x140
Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0
Pfad der fehlerhaften Anwendung: AVKProxy.exe1
Pfad des fehlerhaften Moduls: AVKProxy.exe2
Berichtskennung: AVKProxy.exe3

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 01:27:12 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/03/2015 09:18:10 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1

Error: (08/03/2015 09:18:08 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1

Error: (08/03/2015 09:18:05 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1

Error: (08/03/2015 09:18:03 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1


Systemfehler:
=============
Error: (08/22/2015 10:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/21/2015 10:01:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/20/2015 09:29:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/20/2015 03:22:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (08/20/2015 02:39:09 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 

Error: (08/20/2015 02:27:02 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 

Error: (08/20/2015 02:24:58 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (08/20/2015 02:24:58 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (08/20/2015 02:20:20 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (08:df:1f:24:d4:88) ist fehlgeschlagen.

Error: (08/20/2015 02:20:10 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (08:df:1f:24:d4:88) ist fehlgeschlagen.


Microsoft Office:
=========================
Error: (06/27/2015 03:38:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2068 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/02/2015 12:31:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2364 seconds with 2160 seconds of active time.  This session ended with a crash.

Error: (12/07/2014 01:12:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8854 seconds with 1680 seconds of active time.  This session ended with a crash.

Error: (11/06/2014 10:05:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 669 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/18/2014 11:01:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47515 seconds with 18060 seconds of active time.  This session ended with a crash.

Error: (10/06/2014 10:23:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19835 seconds with 5880 seconds of active time.  This session ended with a crash.

Error: (07/28/2014 04:11:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29534 seconds with 16380 seconds of active time.  This session ended with a crash.

Error: (07/07/2014 08:46:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7323 seconds with 2940 seconds of active time.  This session ended with a crash.

Error: (05/24/2014 11:03:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1296 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (03/15/2014 09:57:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7475 seconds with 300 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II P320 Dual-Core Processor
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 2812.56 MB
Verfügbarer physikalischer RAM: 1209.31 MB
Summe virtueller Speicher: 5923.43 MB
Verfügbarer virtueller Speicher: 3643.42 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:72.29 GB) (Free:4.73 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Daten) (Fixed) (Total:137 GB) (Free:10.48 GB) NTFS
Drive e: (Nebentätigkeit) (Fixed) (Total:71.5 GB) (Free:12.84 GB) NTFS
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32
Drive g: (SH_SICHERHEIT2015) (CDROM) (Total:5.26 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

==================== Ende vom raportu ============================
         
--- --- ---


Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 15-08-20.01 - Ebling 23.08.2015  10:29:36.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.2813.1558 [GMT 2:00]
ausgeführt von:: c:\users\Ebling\Desktop\ComboFix.exe
AV: G Data InternetSecurity CBE *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
FW: G Data Personal Firewall *Enabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
SP: G Data InternetSecurity CBE *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ashampoo_winoptimizer_2015_18590.exe
c:\program files\ElsterFormular-14.0.0.10960p.exe
c:\program files\FreeAudioConverter-5.0.30.1022.exe
c:\program files\FreeYouTubeDownload-3.2.20.1230.exe
c:\program files\IPESetup09261.exe
c:\program files\jDownloaderWebInstaller09581.exe
c:\program files\MailStoreHomeSetup-4.2.0.5431.exe
c:\program files\pb-setup-5.5.1000.exe
c:\program files\readme.txt
c:\program files\sp49541.exe
c:\programdata\1392451495.bdinstall.bin
c:\programdata\1395319610.bdinstall.bin
c:\programdata\1395320619.bdinstall.bin
c:\programdata\1395323941.bdinstall.bin
c:\programdata\1395324509.bdinstall.bin
c:\programdata\xml3D4F.tmp
c:\programdata\xml4155.tmp
c:\programdata\xml428E.tmp
c:\programdata\xml4E12.tmp
c:\users\Ebling\Documents\CDBXP_SETUP_4.4.1.3243.TMP
c:\windows\IsUn0407.exe
c:\windows\system32\drivers\etc\hosts.ics
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WiseBootAssistant
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-07-23 bis 2015-08-23  ))))))))))))))))))))))))))))))
.
.
2015-08-23 08:50 . 2015-08-23 08:50	--------	d-----w-	c:\users\Doris\AppData\Local\temp
2015-08-23 08:50 . 2015-08-23 09:06	--------	d-----w-	c:\users\Ebling\AppData\Local\temp
2015-08-23 08:50 . 2015-08-23 08:50	--------	d-----w-	c:\users\DHBW\AppData\Local\temp
2015-08-23 08:50 . 2015-08-23 08:50	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-08-23 08:50 . 2015-08-23 08:50	--------	d-----w-	c:\windows\system32\config\systemprofile\AppData\Local\temp
2015-08-22 09:21 . 2015-08-22 09:27	--------	d-----w-	C:\FRST
2015-08-20 11:50 . 2015-08-20 11:50	--------	d-----w-	c:\users\Ebling\AppData\Local\Broadcom
2015-08-20 11:43 . 2010-07-20 11:26	111656	----a-w-	c:\windows\system32\drivers\btwavdt.sys
2015-08-20 11:43 . 2010-07-14 04:25	297000	----a-w-	c:\windows\system32\drivers\btwampfl.sys
2015-08-20 11:43 . 2010-03-02 12:37	33320	----a-w-	c:\windows\system32\drivers\btwl2cap.sys
2015-08-20 11:43 . 2010-07-20 11:26	88616	----a-w-	c:\windows\system32\drivers\btwaudio.sys
2015-08-20 11:43 . 2010-07-20 11:26	18728	----a-w-	c:\windows\system32\drivers\btwrchid.sys
2015-08-19 20:31 . 2015-08-11 00:33	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2015-08-19 12:10 . 2011-10-24 04:04	195200	----a-w-	c:\windows\system32\drivers\hw_quusbmdm.sys
2015-08-19 12:10 . 2011-10-24 03:51	102272	----a-w-	c:\windows\system32\drivers\hw_usbdev.sys
2015-08-19 12:10 . 2015-08-19 16:18	--------	d-----w-	c:\program files\Huawei
2015-08-16 11:25 . 2015-07-30 13:13	103120	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 09:43 . 2015-07-28 20:00	598528	----a-w-	c:\windows\system32\generaltel.dll
2015-08-16 09:41 . 2015-07-15 02:55	44032	----a-w-	c:\windows\system32\basesrv.dll
2015-08-16 09:41 . 2015-07-15 02:55	1390592	----a-w-	c:\windows\system32\msxml6.dll
2015-08-16 09:41 . 2015-07-15 02:55	1241088	----a-w-	c:\windows\system32\msxml3.dll
2015-08-16 09:41 . 2015-07-15 02:51	2048	----a-w-	c:\windows\system32\msxml6r.dll
2015-08-16 09:41 . 2015-07-15 02:51	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-08-16 09:29 . 2015-08-16 10:29	9284296	----a-w-	c:\windows\system32\FlashPlayerInstaller.exe
2015-08-03 11:48 . 2015-08-03 11:51	--------	d-----w-	c:\windows\rescache
2015-08-01 08:27 . 2015-08-01 08:27	13264	----a-w-	c:\windows\WiseHDInfo32.dll
2015-08-01 08:27 . 2015-08-23 08:17	--------	d-----w-	c:\users\Ebling\AppData\Roaming\Wise Care 365
2015-08-01 08:27 . 2015-08-01 08:27	--------	d-----w-	c:\program files\Wise
2015-07-28 06:54 . 2015-07-28 06:54	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-07-28 06:54 . 2015-07-28 06:54	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-07-28 06:54 . 2015-07-28 06:54	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-07-28 06:54 . 2015-07-28 06:54	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-07-28 06:54 . 2015-07-28 06:54	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-07-25 15:20 . 2015-07-25 15:20	6962912	----a-w-	c:\program files\Silverlight.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-16 10:29 . 2012-05-25 08:47	778440	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-08-16 10:29 . 2011-06-04 10:20	142536	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-21 16:05 . 2015-07-21 16:05	5493352	----a-w-	c:\program files\IDM05Setup.exe
2015-07-15 18:37 . 2015-08-16 09:42	2560	----a-w-	c:\windows\system32\drivers\de-DE\mountmgr.sys.mui
2015-07-05 09:04 . 2013-10-08 11:22	794272	----a-w-	c:\program files\Core Temp.exe
2015-07-04 17:48 . 2015-07-17 18:06	1414656	----a-w-	c:\windows\system32\ole32.dll
2015-06-17 17:39 . 2015-07-17 18:06	305664	----a-w-	c:\windows\system32\gdi32.dll
2015-06-16 23:01 . 2015-06-16 23:01	1202856	----a-w-	c:\windows\system32\FM20.DLL
2015-06-16 22:23 . 2015-06-16 22:23	94208	----a-w-	c:\windows\system32\QuickTimeVR.qtx
2015-06-16 22:23 . 2015-06-16 22:23	69632	----a-w-	c:\windows\system32\QuickTime.qts
2015-06-15 21:47 . 2015-07-17 18:06	101824	----a-w-	c:\windows\system32\consent.exe
2015-06-15 21:43 . 2015-07-17 18:06	2364416	----a-w-	c:\windows\system32\msi.dll
2015-06-15 21:43 . 2015-07-17 18:06	337408	----a-w-	c:\windows\system32\msihnd.dll
2015-06-15 21:43 . 2015-07-17 18:06	1805824	----a-w-	c:\windows\system32\authui.dll
2015-06-15 21:43 . 2015-07-17 18:06	47104	----a-w-	c:\windows\system32\appinfo.dll
2015-06-15 21:42 . 2015-07-17 18:06	73216	----a-w-	c:\windows\system32\msiexec.exe
2015-06-15 21:37 . 2015-07-17 18:06	25088	----a-w-	c:\windows\system32\msimsg.dll
2015-06-09 19:35 . 2015-07-17 18:05	2745856	----a-w-	c:\windows\system32\rdpcorets.dll
2015-06-09 19:35 . 2015-07-17 18:05	13824	----a-w-	c:\windows\system32\RdpGroupPolicyExtension.dll
2015-06-01 23:47 . 2015-07-17 18:05	210432	----a-w-	c:\windows\system32\cewmdm.dll
2015-05-25 18:01 . 2015-06-12 09:23	853504	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:01 . 2015-06-12 09:23	635392	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:01 . 2015-06-12 09:23	92160	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:01 . 2015-06-12 09:23	641536	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:00 . 2015-06-12 09:23	40448	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:00 . 2015-06-12 09:23	364544	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:00 . 2015-06-12 09:23	37888	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:00 . 2015-06-12 09:23	82944	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:00 . 2015-06-12 09:23	17408	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 16:53 . 2015-06-12 09:23	36864	----a-w-	c:\windows\system32\UtcResources.dll
2015-05-09 07:02 . 2015-05-09 07:02	2204160	----a-w-	c:\program files\adwcleaner_4.203.exe
2015-05-03 20:35 . 2015-05-03 20:35	891224	----a-w-	c:\program files\amddriverdownloader.exe
2015-05-03 16:51 . 2015-05-03 16:51	30650288	----a-w-	c:\program files\FreeVideoToMP3Converter.exe
2015-04-23 16:41 . 2015-04-23 16:41	21348024	----a-w-	c:\program files\ifunbox_setup.exe
2015-03-06 13:20 . 2015-03-06 13:20	2314104	----a-w-	c:\program files\avira_pc_cleaner_de.exe
2014-11-06 21:57 . 2014-11-06 21:57	31119112	----a-w-	c:\program files\TomTomHOME2winlatest.exe
2014-06-28 14:18 . 2014-06-28 14:18	2617176	----a-w-	c:\program files\revosetup193.exe
2014-06-09 16:51 . 2014-06-09 16:51	583496	----a-w-	c:\program files\tb_free_installer.exe
2014-05-18 18:19 . 2014-05-18 18:19	699943	----a-w-	c:\program files\wmv2-1.9.8.exe
2014-04-16 07:26 . 2014-04-16 07:26	16587248	----a-w-	c:\program files\PDFX142Vwer.exe
2014-02-15 19:24 . 2014-02-27 16:57	3930129	----a-w-	c:\program files\Setup_Migraene-Tagebuch.exe
2014-02-15 12:36 . 2014-02-27 16:57	30796712	----a-w-	c:\program files\jre-7u51-windows-x64.exe
2013-09-09 16:55 . 2013-05-29 13:04	8334304	----a-w-	c:\program files\CopyTransManager.exe
2013-09-09 16:46 . 2014-02-27 16:57	4279392	----a-w-	c:\program files\Install_CopyTrans_Suite.exe
2013-05-20 12:16 . 2014-02-27 16:57	15102976	----a-w-	c:\program files\pwhe78.exe
2013-05-19 15:18 . 2014-02-27 16:57	13431464	----a-w-	c:\program files\anytrans-setup.exe
2013-05-08 18:44 . 2014-02-27 16:57	4894912	----a-w-	c:\program files\kavremover.exe
2013-01-11 21:56 . 2014-02-27 16:57	18291784	----a-w-	c:\program files\FRITZ!fax_3.07.04 (1).exe
2013-01-06 19:32 . 2013-01-06 19:34	18291784	------w-	c:\program files\FRITZ!fax_3.07.04.exe
2012-12-01 22:59 . 2012-12-01 22:54	15271824	----a-w-	c:\program files\picasa39-setup.exe
2012-11-17 10:49 . 2012-11-17 10:48	3167176	----a-w-	c:\program files\TeamViewerQS_de.exe
2012-09-02 12:02 . 2012-09-02 12:02	290154	----a-w-	c:\program files\mp3DirectCut2.16.exe
2012-07-17 20:51 . 2012-07-17 20:53	883840	----a-w-	c:\program files\Avira-DE-Cleaner.exe
2012-06-05 18:14 . 2012-07-17 20:06	7207866	----a-w-	c:\program files\fdminst.exe
2012-05-02 13:57 . 2012-05-02 13:44	50449456	----a-w-	c:\program files\dotNetFx40_Full_x86_x64.exe
2011-11-13 14:45 . 2011-11-13 14:42	14598944	----a-w-	c:\program files\Firefox Setup 8.0.exe
2011-03-06 12:48 . 2011-03-06 12:48	417048	----a-w-	c:\program files\msgr10de.exe
2010-09-23 18:46 . 2010-09-23 18:46	655360	----a-w-	c:\program files\TCPOptimizer.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2015-03-12 18:05	752960	----a-w-	c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-10 22:28	220632	----a-w-	c:\users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-10 22:28	220632	----a-w-	c:\users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-10 22:28	220632	----a-w-	c:\users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 90624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-15 98304]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2011-11-12 495708]
"GDFirewallTray"="c:\program files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-12-19 1724728]
.
c:\users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Persbackup.lnk - c:\program files\Personal Backup 5\Persbackup.exe /auto [2014-6-5 6364672]
.
c:\users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
1&1 FRITZ!Box starter.lnk - c:\windows\Installer\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}\Icon2457326B4.exe [2011-3-15 29184]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 836896]
Hama Wireless LAN Utility.lnk - c:\program files\Hama\Common\RaUI.exe -s [2011-2-15 6479712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.5 BD Edition.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk
backup=c:\windows\pss\Scanner Finder.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx PC-Putzer.lnk
backup=c:\windows\pss\TraXEx PC-Putzer.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Ebling^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk]
path=c:\users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk
backup=c:\windows\pss\Persbackup.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2015-05-15 14:26	60712	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
2015-04-14 07:14	2089056	----a-w-	c:\program files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\estar]
2006-11-28 22:26	77824	----a-w-	c:\system.sav\util\HideDOS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWirelessAssistant]
2010-04-05 18:11	8192	----a-w-	c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iFunBox Fast App Install Handler]
2015-04-12 12:55	2370560	----a-w-	c:\program files\i-Funbox DevTeam\iFunBox.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2015-07-11 16:38	157992	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\miTracker]
2012-05-02 05:44	4391424	------w-	c:\program files\miTracker\miTracker.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Partner]
2014-09-05 07:36	585760	----a-w-	c:\program files\HiSuite\HiSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
2010-03-06 21:39	563736	----a-w-	c:\program files\PDF Complete\pdfsty.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2013-12-12 08:27	186408	------w-	c:\program files\PDF24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2015-06-16 22:23	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UM]
2015-07-30 18:36	24258	----a-w-	c:\users\Ebling\AppData\Roaming\Update Manager\UM.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
.
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2014-11-18 15968]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2014-11-18 10208]
R3 HWHandSet;HUAWEISPMODEM;c:\windows\system32\DRIVERS\hw_quusbmdm.sys [2011-10-24 195200]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-07-16 102912]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-09-30 15688]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-09-30 10320]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-01-10 14848]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe [2009-08-10 93848]
R3 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2012-07-16 2416040]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-09 1343400]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2015-03-29 44544]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [2014-05-19 27464]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2015-03-29 101504]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [2015-03-29 53248]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2015-03-29 29528]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2015-03-29 50176]
S1 Uim_DEVIM;UIM Direct Device Image Plugin;c:\windows\system32\DRIVERS\uim_devim.sys [2014-05-19 20616]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2011-11-12 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-22 176128]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2014-02-12 2244728]
S2 AVKService;G Data Scheduler;c:\program files\G Data\InternetSecurity\AVK\AVKService.exe [2013-12-19 914552]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2014-03-25 2159472]
S2 avmike;AVM FRITZ!Fernzugang IKE Service;c:\program files\FRITZ!Fernzugang\avmike.exe [2010-03-30 254328]
S2 certsrv;AVM FRITZ!Fernzugang Cert Service;c:\program files\FRITZ!Fernzugang\certsrv.exe [2010-03-30 121720]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 HiSuiteOuc.exe;HiSuiteOuc.exe;c:\programdata\HiSuiteOuc\HiSuiteOuc.exe [2014-09-05 117280]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 HuaweiHiSuiteService.exe;HuaweiHiSuiteService.exe;c:\programdata\HandSetService\HuaweiHiSuiteService.exe [2014-09-05 180768]
S2 IGDCTRL;AVM IGD CTRL Service;c:\program files\1&1\IGDCTRL.EXE [2007-10-25 87344]
S2 nwtsrv;AVM FRITZ!Fernzugang Client;c:\program files\FRITZ!Fernzugang\nwtsrv.exe [2010-03-30 153464]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2010-03-06 635416]
S2 serviceIEConfig;IEConfig 1und1 Edition;c:\windows\System32\ieconfig_1und1_svc.exe [2011-03-15 1053848]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2015-07-13 93040]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-05-22 101392]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys [2010-11-13 101248]
S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys [2010-09-12 101248]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-14 297000]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 33320]
S3 GDFwSvc;G Data Personal Firewall;c:\program files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2014-01-30 2409280]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2015-03-29 56832]
S3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2014-02-03 700024]
S3 NWIM;AVM VPN Miniport;c:\windows\system32\DRIVERS\avmnwim.sys [2010-03-30 335224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2013-12-29 679128]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2011-03-30 25088]
S3 WiseHDInfo;WiseHDInfo;c:\windows\WiseHDInfo32.dll [2015-08-01 13264]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc	REG_MULTI_SZ   	DiagTrack
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-25 10:29]
.
2015-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-25 16:41]
.
2015-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-25 16:41]
.
2015-08-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job
- c:\users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-18 20:33]
.
2015-08-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job
- c:\users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-18 20:33]
.
2015-05-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core.job
- c:\users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19 20:33]
.
2015-05-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA.job
- c:\users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-19 20:33]
.
2015-08-20 c:\windows\Tasks\HPCeeScheduleForEbling.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
2015-07-22 c:\windows\Tasks\HPCeeScheduleForHP625$.job
- c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2010-01-05 10:53]
.
2015-07-31 c:\windows\Tasks\One-Click Optimizer WO11.job
- c:\program files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe [2015-03-29 08:51]
.
2015-08-01 c:\windows\Tasks\Wise Care 365 PC Checkup Task.job
- c:\program files\Wise\Wise Care 365\WiseCare365.exe [2015-08-01 11:20]
.
2015-08-23 c:\windows\Tasks\Wise Care 365.job
- c:\program files\Wise\Wise Care 365\WiseTray.exe [2015-08-01 11:04]
.
2015-08-23 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files\Wise\Wise Care 365\WiseTurbo.exe [2015-08-01 14:22]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyServer = localhost:8088
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://go.1und1.de/suchbox/1und1suche?su=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\Ebling\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSConfigStartUp-Messenger (Yahoo!) - ~c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe
MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe
.
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.1.7601 
.
CreateFile("\\.\PHYSICALDRIVE0"): Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
device: opened successfully
user: error reading MBR 
kernel: MBR read successfully
user != kernel MBR !!! 
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\serviceIEConfig]
"ImagePath"="c:\windows\System32\ieconfig_1und1_svc.exe /startedbyscm:016FE01B-40E31F2D-serviceIEConfig"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=hex:51,66,7a,6c,4c,1d,38,12,5c,be,8a,
   eb,c9,8f,bc,54,f6,39,43,d0,22,43,0b,9c
"{353E2A48-6254-4BD3-88F4-3B51A0CA7870}"=hex:51,66,7a,6c,4c,1d,38,12,26,29,2d,
   31,66,2c,bd,0e,f7,e2,78,11,a5,94,3c,64
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{2E250B90-0E7A-42A3-9D65-E39F9F227FA4}"=hex:51,66,7a,6c,4c,1d,38,12,fe,08,36,
   2a,48,40,cd,07,e2,73,a0,df,9a,7c,3b,b0
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
   76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
   94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
   aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{D48FF4B4-E68F-47D1-8E25-81A0F0EEB341}"=hex:51,66,7a,6c,4c,1d,38,12,da,f7,9c,
   d0,bd,a8,bf,02,f1,33,c2,e0,f5,b0,f7,55
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
   2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
   fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{10149DAF-506B-4488-8376-DF24F0185196}"=hex:51,66,7a,6c,4c,1d,38,12,c1,9e,07,
   14,59,1e,e6,01,fc,60,9c,64,f5,46,15,82
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
   b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
"{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}"=hex:51,66,7a,6c,4c,1d,38,12,b0,b9,4d,
   f6,7d,c9,e9,34,a3,d9,d9,b3,34,2e,92,ca
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d2,c1,8d,8d,a7,97,7e,48,a4,12,32,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d2,c1,8d,8d,a7,97,7e,48,a4,12,32,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1188)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Hama\Common\RaRegistry.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\taskhost.exe
c:\program files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
c:\program files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
c:\program files\AntiBrowserSpy\BrowserMask.exe
c:\windows\system32\conhost.exe
c:\windows\system32\GWX\GWX.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-08-23  11:11:05 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-08-23 09:11
.
Vor Suchlauf: 4.307.243.008 Bytes frei
Nach Suchlauf: 3.866.079.232 Bytes frei
.
- - End Of File - - 5A7B6B8D457355B88C2DAA5B4C81C221
         
--- --- --- 5C616939100B85E558DA92B899A0FC36

Alt 23.08.2015, 20:34   #8
schrauber
/// the machine
/// TB-Ausbilder
 

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.08.2015, 22:38   #9
webling
 
C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



so, es folgen nun die Dateien:
mbam.txt
adwcleaner[C2].txt
jrt.txt
frst.txt.

Wegen der Überlänge schicke ich
addition.txt
separat.

Ich hoffe, dass es meinem Notebook jetzt wieder gut geht - und vorab schon einmal vielen Dank für die Unterstützung!
webling

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.08.2015
Suchlaufzeit: 21:09
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.23.05
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Ebling

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 476449
Abgelaufene Zeit: 37 Min., 53 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 12
PUP.Optional.OpenCandy.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunAsStandardUserC62DE06E909C47CC912374409EB8AA04, Löschen bei Neustart, [3e03c94399f286b0f74478a5d62dcd33], 
PUP.Optional.OpenCandy.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnce51A4C5C9B3BA4157831D4FCC7F5D8A1A, Löschen bei Neustart, [ac9597757c0f0e28a3987e9fb54e9c64], 
PUP.Optional.Spigot.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, In Quarantäne, [8bb618f4701b5bdbbf4daaeb45bf6d93], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{10FC8F81-E923-4DFC-A0DF-FFABC14D54A6}, In Quarantäne, [76cb1defbdce8fa70f690c19847fdb25], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431}, In Quarantäne, [be83ad5f7a110630a6d2a184659e9e62], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\Datamngr, In Quarantäne, [3e0365a7f19a41f5163cacce42c2e51b], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, In Quarantäne, [380916f6c5c695a19775692c51b33ac6], 
PUP.Optional.SerachQU.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, In Quarantäne, [5ce539d3c6c58da94f14e63b6f9417e9], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C42B08C2-4800-4F66-A694-D959FAD2498C}, In Quarantäne, [1f22c646dab18aac285037eede25c53b], 
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\WNLT, In Quarantäne, [e0612ddf2467ac8aca84d5aced1753ad], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1007\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, In Quarantäne, [af92b4589fecb18518f44c49c4402ad6], 
PUP.Optional.SerachQU.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1007\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, In Quarantäne, [c67b7894d4b76bcbca992df4a16211ef], 

Registrierungswerte: 7
PUP.Optional.SweetPacks.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{EEE6C35B-6118-11DC-9C72-001320C79847}, In Quarantäne, [57eac448ec9fb1854fd236628e74b24e], 
PUP.Optional.SweetPacks.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EEE6C35B-6118-11DC-9C72-001320C79847}, ????????, In Quarantäne, [57eac448ec9fb1854fd236628e74b24e]
PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{10FC8F81-E923-4DFC-A0DF-FFABC14D54A6}|URL, https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=386496&p={searchTerms}, In Quarantäne, [76cb1defbdce8fa70f690c19847fdb25]
PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431}|URL, hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}, In Quarantäne, [be83ad5f7a110630a6d2a184659e9e62]
PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6C4B03E8-9DE0-4F32-9FED-DA4B3A10C431}|OSDFileURL, file:///C:/Program%20Files/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, In Quarantäne, [3c05a5672962d85ec7a7555454b06c94]
PUP.Optional.Spigot.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C42B08C2-4800-4F66-A694-D959FAD2498C}|URL, hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}, In Quarantäne, [1f22c646dab18aac285037eede25c53b]
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1320190850-2687297852-4289220983-1002\SOFTWARE\WNLT|URL, In Quarantäne, [e0612ddf2467ac8aca84d5aced1753ad], 

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 4
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 

Dateien: 12
PUP.Optional.SweetIM, C:\Windows\Installer\9f9606.msi, In Quarantäne, [3110fc10f69550e6da2cd1ad8e775aa6], 
PUP.Optional.SweetIM, C:\Windows\Installer\9f9612.msi, In Quarantäne, [47faf21a701b4ee89a6c4539709559a7], 
PUP.Optional.SweetIM, C:\Windows\Installer\9f961e.msi, In Quarantäne, [9da4a26a870490a6e71f7b03cb3ac040], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\473d5c007e793590a1db512a6ef4eb57.games2.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\53b597b55d8412d563b720d3585c1af8.facebook.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\7c1329c14e8f09f2e97e3522bcd7e126.toolbar46.xml, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\8d03c0783b1e34c2b403cee25e4f3d73.options_remote44b_no_fb.html, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\ccbd8b558f1d599e360b3dc00c89e1b1.facebook2.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\d7663980840977888075cdf06da9e63d.facebook2_hover.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.SweetIM.A, C:\Windows\System32\config\systemprofile\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\dda5971490977d5465f836a12522f1a1.games3.png, In Quarantäne, [f34ed13b6c1f56e06213608b976b9e62], 
PUP.Optional.Spigot.A, C:\Users\Ebling\AppData\Roaming\Mozilla\Firefox\Profiles\2hjeq2vf.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=302398&ilc=12&p=");), Ersetzt,[cc7535d78efdff37fcbcdeb39d6816ea]
PUP.Optional.Spigot.A, C:\Users\Ebling\AppData\Roaming\Mozilla\Firefox\Profiles\2hjeq2vf.default\prefs.js, Gut: (), Schlecht: (tp.sendRefererHeader", 2);
user_pref("keyword.URL", "hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_), Ersetzt,[83be0c007d0e77bf63555e3394710af6]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.003 - Bericht erstellt 23/08/2015 um 22:02:29
# Aktualisiert 20/08/2015 von Xplode
# Datenbank : 2015-08-23.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Ebling - HP625
# Gestarted von : C:\Users\Ebling\Desktop\AdwCleaner_5.003.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files\FreeRIP
[-] Ordner Gelöscht : C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
[-] Ordner Gelöscht : C:\Users\Ebling\AppData\Roaming\Update Manager

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Wert Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1

***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1769 Bytes] ##########
         
--- --- ---

[/CODE]

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 7 Home Premium x86
Ran by Ebling on 23.08.2015 at 22:07:34,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Failed to delete: [Task] C:\windows\System32\tasks\Wise Care 365 PC Checkup Task
Successfully deleted: [Task] C:\windows\System32\tasks\Driver Booster Scan
Successfully deleted: [Task] C:\windows\System32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013
Successfully deleted: [Task] C:\windows\System32\tasks\Uninstaller_SkipUac_Administrator
Successfully deleted: [Task] C:\windows\System32\tasks\Uninstaller_SkipUac_Ebling
Successfully deleted: [Task] C:\windows\System32\tasks\Wise Care 365
Successfully deleted: [Task] C:\windows\System32\tasks\Wise Turbo Checker
Successfully deleted: [Task] C:\windows\Tasks\Wise Care 365 PC Checkup Task.job
Successfully deleted: [Task] C:\windows\Tasks\Wise Care 365.job
Successfully deleted: [Task] C:\windows\Tasks\Wise Turbo Checker.job



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files\software4u
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\ProgramData\software4u
Successfully deleted: [Folder] C:\Users\Ebling\AppData\Roaming\iobit\driver booster
Successfully deleted: [Folder] C:\Users\Ebling\AppData\Roaming\productdata
Successfully deleted: [Folder] C:\Users\Ebling\AppData\Roaming\software4u



~~~ Chrome


[C:\Users\Ebling\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Ebling\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
fopdddcinljmpmioaklghcalngfhbaen

[C:\Users\Ebling\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Ebling\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  fopdddcinljmpmioaklghcalngfhbaen,
  gkcefkcdkepgkpbgncjchhbjgoanleod
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.08.2015 at 22:11:26,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-08-2015 03
durchgeführt von Ebling (Administrator) auf HP625 (23-08-2015 22:24:13)
Gestartet von C:\Users\Ebling\Desktop
Geladene Profile: Ebling (Verfügbare Profile: Ebling & Doris & DHBW)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
(AVM Berlin) C:\Program Files\1&1\IGDCTRL.EXE
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaRegistry.exe
() C:\Windows\System32\ieconfig_1und1_svc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
() C:\Program Files\AntiBrowserSpy\BrowserMask.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(AVM Berlin) C:\Program Files\1&1\Stcenter.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dr. J. Rathlev, D-24222 Schwentinental) C:\Program Files\Personal Backup 5\Persbackup.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-03-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2011-11-12] (IDT, Inc.)
HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\1&1 FRITZ!Box starter.lnk [2011-03-15]
ShortcutTarget: 1&1 FRITZ!Box starter.lnk -> C:\Windows\Installer\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}\Icon2457326B4.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-08-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk [2011-02-15]
ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files\Hama\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011-04-24] ()
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk [2014-12-25]
ShortcutTarget: Persbackup.lnk -> C:\Program Files\Personal Backup 5\Persbackup.exe (Dr. J. Rathlev, D-24222 Schwentinental)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {06090F73-779E-4FB6-BB0A-FF6807704AF7} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {417ACE4C-D557-454E-9A06-CE17AD599530} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {43D89E1D-8489-468F-B390-7D3F79E8C588} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {FC8A9B8F-BE3A-4BBF-82B2-C4427BE73C4B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\System32\ieconfig_1und1.dll [2011-03-15] (mquadr.at software engineering und consulting GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{666D63E0-1108-40D3-940A-9120699323D7}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A574D06-DDF0-4179-92C5-EAA454D4C1FE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AE1DF2C2-266A-4B0D-840C-FBB55ACD6C7B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BBD08B48-9530-4B32-A8B9-41E57567D632}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2012-01-02]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012-01-02]

Chrome: 
=======
CHR Profile: C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kein Name) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-08-23]
CHR Extension: (Bitdefender Wallet) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-02-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Kostenfinder) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfbgjcggeplmenpepddbemhcjfdapoh [2013-08-08]
CHR Extension: (AntiBrowserSpy - SocialBlock) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2015-05-15]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files\AntiBrowserSpy\Addons\Chrome.crx [2015-05-15]
StartMenuInternet: Google Chrome.B4WUOD3OCN64G3KXDJYLCPUSZE - C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117280 2014-09-05] ()
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [180768 2014-09-05] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files\Hama\Common\RaRegistry.exe [193888 2010-06-01] (Ralink Technology, Corp.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [Datei ist nicht signiert]
R2 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [1053848 2011-03-15] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2011-11-12] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaudio; C:\windows\System32\DRIVERS\avmaudio.sys [101248 2010-11-14] (AVM Berlin)
R3 avmaura; C:\windows\System32\DRIVERS\avmaura.sys [101248 2010-09-12] (AVM Berlin)
R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\windows\System32\drivers\GDBehave.sys [44544 2015-03-29] (G Data Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [101504 2015-03-29] (G Data Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [56832 2015-03-29] (G Data Software AG)
R1 gdwfpcd; C:\windows\System32\drivers\gdwfpcd32.sys [53248 2015-03-29] (G Data Software AG)
R1 GRD; C:\windows\system32\drivers\GRD.sys [29528 2015-03-29] (G Data Software)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [50176 2015-03-29] (G Data Software AG)
R0 hotcore3; C:\windows\System32\DRIVERS\hotcore3.sys [27464 2014-05-19] (Paragon Software Group)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 LVUSBSta; C:\windows\System32\drivers\lvusbsta.sys [22016 2005-01-31] (Logitech Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin)
S3 PID_0928; C:\windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-31] (Logitech Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [10320 2013-09-30] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-04-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [473656 2012-02-04] (Duplex Secure Ltd.)
R3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-03-30] (TeamViewer GmbH)
R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [91016 2014-05-19] ()
R1 Uim_DEVIM; C:\windows\System32\DRIVERS\uim_devim.sys [20616 2014-05-19] ()
R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [540040 2014-05-19] ()
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
S3 WiseHDInfo; C:\windows\WiseHDInfo32.dll [13264 2015-08-01] (wisecleaner.com)
S3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 ASPI32; kein ImagePath
S3 catchme; \??\C:\Users\Ebling\AppData\Local\Temp\catchme.sys [X]
U3 DfSdkS; kein ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-23 22:21 - 2015-08-23 22:21 - 00056919 _____ C:\Users\Ebling\Desktop\FRST-23082015.txt
2015-08-23 22:11 - 2015-08-23 22:11 - 00002771 _____ C:\Users\Ebling\Desktop\JRT.txt
2015-08-23 22:06 - 2015-08-23 22:06 - 00001848 _____ C:\Users\Ebling\Desktop\AdwCleaner[C2].txt
2015-08-23 21:58 - 2015-08-23 21:58 - 00008180 _____ C:\Users\Ebling\Desktop\mbam.txt
2015-08-23 21:49 - 2015-08-23 21:49 - 00007758 _____ C:\Users\Ebling\Desktop\ergebnis-anti-malware-23.08.2015-21-49h.txt
2015-08-23 21:07 - 2015-08-23 22:18 - 00098520 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 21:07 - 2015-08-23 21:07 - 00001064 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-23 21:07 - 2015-08-23 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-23 21:06 - 2015-08-23 21:07 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-08-23 21:06 - 2015-08-23 21:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 21:06 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-08-23 21:06 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-08-23 21:06 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-08-23 21:03 - 2015-08-23 21:03 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Ebling\Desktop\JRT.exe
2015-08-23 21:02 - 2015-08-23 21:03 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ebling\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-23 21:02 - 2015-08-23 21:02 - 01605632 _____ C:\Users\Ebling\Desktop\AdwCleaner_5.003.exe
2015-08-23 21:01 - 2015-08-23 21:01 - 04798152 _____ (WinZip International LLC ) C:\Users\Ebling\Desktop\wzmp_10.exe
2015-08-23 19:39 - 2015-08-23 22:17 - 00000374 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-08-23 11:11 - 2015-08-23 11:11 - 00032637 _____ C:\ComboFix.txt
2015-08-23 10:24 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-08-23 10:24 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-08-23 10:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-08-23 10:22 - 2015-08-23 11:11 - 00000000 ____D C:\Qoobox
2015-08-23 10:21 - 2015-08-23 11:09 - 00000000 ____D C:\windows\erdnt
2015-08-23 10:16 - 2015-08-23 10:16 - 05635234 ____R (Swearware) C:\Users\Ebling\Desktop\ComboFix.exe
2015-08-22 11:26 - 2015-08-22 11:27 - 00065878 _____ C:\Users\Ebling\Desktop\Addition.txt
2015-08-22 11:22 - 2015-08-23 22:24 - 00022787 _____ C:\Users\Ebling\Desktop\FRST.txt
2015-08-22 11:21 - 2015-08-23 22:24 - 00000000 ____D C:\FRST
2015-08-22 11:20 - 2015-08-22 11:20 - 01677824 _____ (Farbar) C:\Users\Ebling\Desktop\FRST.exe
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung.lnk
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung (2).lnk
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\Documents\Bluetooth-Exchange-Ordner
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\AppData\Local\Broadcom
2015-08-20 13:43 - 2010-07-20 13:26 - 00111656 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwavdt.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00088616 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwaudio.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00018728 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwrchid.sys
2015-08-20 13:43 - 2010-07-14 06:25 - 00297000 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwampfl.sys
2015-08-20 13:43 - 2010-03-02 14:37 - 00033320 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwl2cap.sys
2015-08-19 22:31 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-19 22:31 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-19 14:10 - 2015-08-19 18:18 - 00000000 ____D C:\Program Files\Huawei
2015-08-19 14:10 - 2011-10-24 06:04 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_quusbmdm.sys
2015-08-19 14:10 - 2011-10-24 05:51 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_usbdev.sys
2015-08-16 13:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 11:43 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-08-16 11:42 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-16 11:42 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-16 11:42 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-16 11:42 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-16 11:42 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-16 11:42 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-08-16 11:42 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-08-16 11:42 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-16 11:42 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-08-16 11:42 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-08-16 11:42 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-08-16 11:42 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-08-16 11:42 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-08-16 11:42 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-08-16 11:42 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-08-16 11:42 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-08-16 11:42 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 11:42 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-08-16 11:42 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-08-16 11:42 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-08-16 11:42 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-16 11:42 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-08-16 11:42 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-08-16 11:42 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-16 11:42 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-16 11:42 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-16 11:42 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-08-16 11:42 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-08-16 11:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-08-16 11:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-08-16 11:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-08-16 11:42 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-08-16 11:42 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-16 11:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-16 11:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-08-16 11:29 - 2015-08-16 12:29 - 09284296 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerInstaller.exe
2015-08-03 13:48 - 2015-08-03 13:51 - 00000000 ____D C:\windows\rescache
2015-08-02 09:29 - 2015-08-02 09:29 - 02232320 _____ C:\windows\system32\config\DEFAULT.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00094208 _____ C:\windows\system32\config\SAM.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00028672 _____ C:\windows\system32\config\SECURITY.rhk
2015-08-02 09:25 - 2015-08-02 09:29 - 73924608 _____ C:\windows\system32\config\SOFTWARE.rhk
2015-08-01 16:09 - 2015-08-23 22:20 - 01246137 _____ C:\windows\WindowsUpdate.log
2015-08-01 16:08 - 2015-08-01 16:08 - 00133048 _____ C:\Users\Ebling\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-01 16:07 - 2015-08-23 22:16 - 00008292 _____ C:\windows\setupact.log
2015-08-01 16:07 - 2015-08-01 16:07 - 00000000 _____ C:\windows\setuperr.log
2015-08-01 16:06 - 2015-08-23 22:03 - 00007922 _____ C:\windows\PFRO.log
2015-08-01 16:06 - 2015-08-16 18:29 - 00467536 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-01 10:27 - 2015-08-23 22:04 - 00002004 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2015-08-01 10:27 - 2015-08-23 10:17 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00013264 _____ (wisecleaner.com) C:\windows\WiseHDInfo32.dll
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\Program Files\Wise
2015-08-01 10:23 - 2015-08-01 10:23 - 06043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe
2015-07-28 09:04 - 2015-07-28 09:04 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-28 09:04 - 2015-07-28 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-28 08:54 - 2015-07-28 08:54 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-07-25 17:20 - 2015-07-25 17:20 - 06962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-23 22:18 - 2010-09-25 11:38 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-23 22:16 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-23 22:15 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-23 22:15 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-23 22:12 - 2012-09-18 23:29 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job
2015-08-23 22:12 - 2010-09-25 11:38 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-23 22:10 - 2012-12-27 11:51 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\IObit
2015-08-23 22:10 - 2012-12-27 11:51 - 00000000 ____D C:\ProgramData\IObit
2015-08-23 22:02 - 2015-05-09 09:03 - 00000000 ____D C:\AdwCleaner
2015-08-23 21:59 - 2012-03-11 00:18 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForHP625$.job
2015-08-23 21:52 - 2009-07-14 04:37 - 00000000 ____D C:\windows\LiveKernelReports
2015-08-23 21:29 - 2012-08-23 19:54 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 20:12 - 2012-09-18 23:29 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job
2015-08-23 11:11 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2015-08-23 11:11 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-08-23 11:05 - 2009-07-14 04:04 - 00000215 _____ C:\windows\system.ini
2015-08-23 10:52 - 2009-07-14 04:03 - 78118912 _____ C:\windows\system32\config\SOFTWARE.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 40632320 _____ C:\windows\system32\config\COMPON~1.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 27525120 _____ C:\windows\system32\config\SYSTEM.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 02359296 _____ C:\windows\system32\config\DEFAULT.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 00094208 _____ C:\windows\system32\config\SAM.bak
2015-08-23 10:24 - 2012-09-18 23:36 - 00002664 _____ C:\Users\Ebling\Desktop\Google Chrome.lnk
2015-08-23 10:00 - 2012-01-03 01:14 - 00000000 ____D C:\Program Files\AntiBrowserSpy
2015-08-23 10:00 - 2010-06-11 20:47 - 00000000 ____D C:\ProgramData\PDFC
2015-08-20 21:30 - 2014-11-11 20:35 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-20 13:50 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-20 13:35 - 2010-09-11 15:51 - 00000000 ____D C:\Users\Ebling
2015-08-20 13:35 - 2010-07-01 15:50 - 00000000 ____D C:\Program Files\Broadcom
2015-08-20 11:48 - 2010-09-18 11:50 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForEbling.job
2015-08-19 18:52 - 2010-06-11 20:30 - 01629212 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-19 14:10 - 2014-02-02 15:03 - 00000764 _____ C:\NSI_DriverInstall.log
2015-08-19 14:09 - 2012-06-09 22:00 - 00000000 ____D C:\Program Files\Handset WinDriver
2015-08-17 10:32 - 2014-11-07 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-08-17 10:18 - 2014-11-07 00:01 - 00000000 ____D C:\Program Files\TomTom HOME 2
2015-08-17 10:15 - 2011-08-13 16:07 - 00000000 ____D C:\Users\Ebling\AppData\Local\Downloaded Installations
2015-08-16 19:45 - 2014-09-29 22:19 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\HpUpdate
2015-08-16 19:29 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET
2015-08-16 18:26 - 2014-12-10 04:15 - 00000000 ____D C:\windows\system32\appraiser
2015-08-16 18:26 - 2014-05-06 21:54 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-16 18:26 - 2010-06-11 20:42 - 00000000 ____D C:\windows\system32\Drivers\de-DE
2015-08-16 18:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE
2015-08-16 13:53 - 2010-09-11 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 13:52 - 2015-04-19 18:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 13:52 - 2011-05-04 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 13:47 - 2013-08-15 17:30 - 00000000 ____D C:\windows\system32\MRT
2015-08-16 13:30 - 2010-09-16 19:47 - 129304528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-08-16 12:29 - 2012-05-25 10:47 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-08-16 12:29 - 2011-06-04 12:20 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-01 10:46 - 2010-09-11 18:02 - 00000000 ___RD C:\MSOCache
2015-08-01 10:32 - 2015-03-12 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-08-01 10:32 - 2014-03-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2015-08-01 10:32 - 2012-05-27 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-08-01 10:32 - 2012-03-07 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager
2015-08-01 09:36 - 2013-05-09 22:58 - 00000000 ____D C:\Users\Ebling\AppData\Local\CrashDumps
2015-07-31 18:12 - 2015-03-29 18:16 - 00000400 _____ C:\windows\Tasks\One-Click Optimizer WO11.job
2015-07-29 21:26 - 2014-09-29 22:18 - 00000000 ____D C:\ProgramData\HP
2015-07-29 20:06 - 2010-09-11 15:55 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Hewlett-Packard
2015-07-28 09:04 - 2011-12-01 22:27 - 00000000 ____D C:\Program Files\iTunes
2015-07-28 09:03 - 2012-06-16 13:21 - 00000000 ____D C:\Program Files\iPod
2015-07-28 09:02 - 2015-04-17 16:42 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\Program Files\QuickTime
2015-07-27 11:02 - 2015-04-23 18:47 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\iFunbox_UserCache
2015-07-26 21:03 - 2015-01-21 23:40 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieBrowserModeList
2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieUserList
2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieSiteList
2015-07-25 18:07 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-25 09:08 - 2015-03-28 20:40 - 00000000 ___SD C:\windows\system32\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-09 09:02 - 2015-05-09 09:02 - 2204160 _____ () C:\Program Files\adwcleaner_4.203.exe
2015-05-03 22:35 - 2015-05-03 22:35 - 0891224 _____ (AMD) C:\Program Files\amddriverdownloader.exe
2014-02-27 18:57 - 2013-05-19 17:18 - 13431464 _____ () C:\Program Files\anytrans-setup.exe
2011-04-24 07:47 - 2011-04-24 07:47 - 0620972 _____ () C:\Program Files\Autoruns.zip
2012-07-17 22:53 - 2012-07-17 22:51 - 0883840 _____ () C:\Program Files\Avira-DE-Cleaner.exe
2015-03-06 15:20 - 2015-03-06 15:20 - 2314104 _____ () C:\Program Files\avira_pc_cleaner_de.exe
2013-10-08 13:20 - 2015-07-05 11:04 - 0027155 _____ () C:\Program Files\Changes.txt
2014-06-09 18:25 - 2014-06-09 18:24 - 0277107 _____ () C:\Program Files\clonepartition.rar
2013-05-29 15:04 - 2013-09-09 18:55 - 8334304 _____ (WindSolutions) C:\Program Files\CopyTransManager.exe
2010-08-29 15:08 - 2015-07-05 11:04 - 0000067 _____ () C:\Program Files\Core Temp Gadget & Addons.url
2013-10-08 13:22 - 2015-07-05 11:04 - 0794272 _____ () C:\Program Files\Core Temp.exe
2015-07-05 10:58 - 2015-07-05 10:58 - 0734473 _____ () C:\Program Files\CoreTemp_106.zip
2011-07-22 08:15 - 2011-07-22 08:15 - 0000000 _____ () C:\Program Files\ctapi_out_gr.txt
2011-02-22 13:48 - 2011-02-22 13:48 - 0175007 _____ () C:\Program Files\DirPrintOK292_Installer.zip
2012-05-02 15:44 - 2012-05-02 15:57 - 50449456 _____ (Microsoft Corporation) C:\Program Files\dotNetFx40_Full_x86_x64.exe
2012-07-17 22:06 - 2012-06-05 20:14 - 7207866 _____ (FreeDownloadManager.ORG                                     ) C:\Program Files\fdminst.exe
2011-11-13 16:42 - 2011-11-13 16:45 - 14598944 _____ (Mozilla) C:\Program Files\Firefox Setup 8.0.exe
2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\FirstBackup.spg
2015-05-03 18:51 - 2015-05-03 18:51 - 30650288 _____ (DVDVideoSoft Ltd.                                           ) C:\Program Files\FreeVideoToMP3Converter.exe
2014-02-27 18:57 - 2013-01-11 23:56 - 18291784 _____ (AVM Berlin                                                  ) C:\Program Files\FRITZ!fax_3.07.04 (1).exe
2013-01-06 21:34 - 2013-01-06 21:32 - 18291784 ____N (AVM Berlin                                                  ) C:\Program Files\FRITZ!fax_3.07.04.exe
2011-11-20 18:38 - 2011-09-08 07:23 - 0148923 _____ () C:\Program Files\FRITZ.Box Fon WLAN 7170 (UI) 29.04.80_08.09.11_0723.export
2012-08-27 20:20 - 2012-08-27 20:27 - 28952353 _____ () C:\Program Files\HiSuiteSetup V1.6.10.08.zip
2015-07-21 18:05 - 2015-07-21 18:05 - 5493352 _____ (Marx Software                                               ) C:\Program Files\IDM05Setup.exe
2015-04-23 18:41 - 2015-04-23 18:41 - 21348024 _____ (                                                            ) C:\Program Files\ifunbox_setup.exe
2014-02-27 18:57 - 2013-09-09 18:46 - 4279392 _____ (WindSolutions) C:\Program Files\Install_CopyTrans_Suite.exe
2014-02-27 18:57 - 2014-02-15 14:36 - 30796712 _____ (Oracle Corporation) C:\Program Files\jre-7u51-windows-x64.exe
2014-02-27 18:57 - 2013-05-08 20:44 - 4894912 _____ (Kaspersky Lab ZAO) C:\Program Files\kavremover.exe
2012-01-05 18:39 - 2013-09-09 18:55 - 0012943 _____ () C:\Program Files\License Agreement.rtf
2010-06-30 18:32 - 2015-07-05 11:04 - 0006594 _____ () C:\Program Files\License.txt
2014-04-18 08:42 - 2014-04-18 08:43 - 28875706 _____ () C:\Program Files\MediathekView_6.zip
2010-09-24 18:34 - 2010-09-24 18:34 - 0002120 _____ () C:\Program Files\mobile
2012-09-02 14:02 - 2012-09-02 14:02 - 0290154 _____ () C:\Program Files\mp3DirectCut2.16.exe
2011-03-06 14:48 - 2011-03-06 14:48 - 0417048 _____ (Yahoo! Inc.) C:\Program Files\msgr10de.exe
2014-04-16 09:26 - 2014-04-16 09:26 - 16587248 _____ (Tracker Software Products Ltd                               ) C:\Program Files\PDFX142Vwer.exe
2012-12-02 00:54 - 2012-12-02 00:59 - 15271824 _____ (Google Inc.) C:\Program Files\picasa39-setup.exe
2014-02-27 18:57 - 2013-05-20 14:16 - 15102976 _____ (MiniTool Solution Ltd.                                      ) C:\Program Files\pwhe78.exe
2014-06-28 16:18 - 2014-06-28 16:18 - 2617176 _____ (VS Revo Group Ltd.) C:\Program Files\revosetup193.exe
2013-04-19 23:21 - 2013-04-19 23:23 - 6018162 _____ () C:\Program Files\Root_Y200_v5.zip
2013-02-17 17:48 - 2013-02-17 17:48 - 5193621 _____ () C:\Program Files\Samsung-PC-Editor.rar
2013-02-17 17:55 - 2013-02-17 17:55 - 6845297 _____ () C:\Program Files\Samsung_ChannelListPCEditor_1.09.zip
2014-02-27 18:57 - 2014-02-15 21:24 - 3930129 _____ () C:\Program Files\Setup_Migraene-Tagebuch.exe
2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\sg_backup_2010-09-23-2050.spg
2015-07-25 17:20 - 2015-07-25 17:20 - 6962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe
2013-04-20 12:43 - 2013-04-20 12:43 - 0627688 _____ () C:\Program Files\Superuser-3.0.7-efghi-signed.zip
2014-06-09 18:51 - 2014-06-09 18:51 - 0583496 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\tb_free_installer.exe
2010-09-23 20:46 - 2010-09-23 20:46 - 0655360 _____ (Speed Guide Inc.) C:\Program Files\TCPOptimizer.exe
2012-11-17 12:48 - 2012-11-17 12:49 - 3167176 _____ (TeamViewer) C:\Program Files\TeamViewerQS_de.exe
2009-10-20 00:43 - 2009-10-20 00:43 - 0047104 _____ () C:\Program Files\Thumbs.db
2014-11-06 23:57 - 2014-11-06 23:57 - 31119112 _____ () C:\Program Files\TomTomHOME2winlatest.exe
2015-08-01 10:23 - 2015-08-01 10:23 - 6043448 _____ (WiseCleaner.com                                             ) C:\Program Files\WiseCare365_373DE.exe
2014-05-18 20:19 - 2014-05-18 20:19 - 0699943 _____ () C:\Program Files\wmv2-1.9.8.exe
2015-03-29 19:10 - 2015-03-29 19:10 - 0000000 _____ () C:\Users\Ebling\AppData\Roaming\gdfw.log
2015-03-29 19:10 - 2015-03-29 19:10 - 0000779 _____ () C:\Users\Ebling\AppData\Roaming\gdscan.log
2011-02-16 15:58 - 2011-05-21 20:59 - 0001849 _____ () C:\Users\Ebling\AppData\Roaming\GhostObjGAFix.xml
2011-07-02 21:02 - 2011-07-02 21:03 - 0038452 _____ () C:\Users\Ebling\AppData\Roaming\Microsoft Excel 97-2003.ADR
2011-08-13 19:00 - 2012-01-23 20:20 - 0001570 _____ () C:\Users\Ebling\AppData\Roaming\MyMicroBalanceConfig.ini
2012-09-02 14:21 - 2014-07-31 17:27 - 0004608 _____ () C:\Users\Ebling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-06 14:44 - 2011-03-06 14:44 - 0000209 _____ () C:\Users\Ebling\AppData\Local\GLFEDA7.tmp
2014-03-15 10:27 - 2014-03-15 10:27 - 0004096 ____H () C:\Users\Ebling\AppData\Local\keyfile3.drm
2012-03-10 11:45 - 2012-03-10 11:45 - 0000017 _____ () C:\Users\Ebling\AppData\Local\resmon.resmoncfg
2012-11-25 03:31 - 2012-11-25 03:31 - 0017408 _____ () C:\Users\Ebling\AppData\Local\WebpageIcons.db
2014-09-29 22:18 - 2014-09-29 22:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-12-24 01:00 - 2011-12-24 01:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-02-16 13:56 - 2014-06-25 20:24 - 10981376 _____ () C:\ProgramData\sandra.mda
2014-12-26 18:30 - 2014-12-26 18:30 - 0001534 _____ () C:\ProgramData\ss.ini

Einige Dateien in TEMP:
====================
C:\Users\Ebling\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-03 10:45

==================== Ende vom raportu ============================
         
--- --- ---

Alt 23.08.2015, 22:39   #10
webling
 
C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



und nun die addition.txt-Datei:

FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-08-2015 03
durchgeführt von Ebling (2015-08-23 22:24:58)
Gestartet von C:\Users\Ebling\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1320190850-2687297852-4289220983-500 - Administrator - Disabled)
DHBW (S-1-5-21-1320190850-2687297852-4289220983-1007 - Limited - Enabled) => C:\Users\DHBW
Doris (S-1-5-21-1320190850-2687297852-4289220983-1002 - Limited - Enabled) => C:\Users\Doris
Ebling (S-1-5-21-1320190850-2687297852-4289220983-1001 - Administrator - Enabled) => C:\Users\Ebling
Gast (S-1-5-21-1320190850-2687297852-4289220983-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1320190850-2687297852-4289220983-1011 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G Data InternetSecurity CBE (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1und1 Internet Explorer Add-On (Version: 1.0 - 1&1 Internet AG) Hidden
7-Zip 4.65 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Anti-Twin (Installation 12/29/2011) (HKLM\...\Anti-Twin 2011-12-29 18.43.19) (Version:  - Joerg Rosenthal, Germany)
AnyTrans 3.4.1 (HKLM\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 3.4.1 - iMobie Inc.)
Apple Application Support (32-Bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{992F7E6B-58D4-428A-B574-082C0884423E}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
ccc-core-static (Version: 2011.0316.116.298 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloneSpy 2.62 (HKLM\...\CloneSpy) (Version:  - CloneSpy)
COMPUTERBILD-Abzockschutz (HKLM\...\{6F03FF16-24BF-4887-9EBA-280CF7657A54}) (Version: 1.0.42 - J3S)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Der grandiose Bildverkleinerer 1.7b (HKLM\...\Der grandiose Bildverkleinerer) (Version: 1.7b - )
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DirPrintOK (HKLM\...\DirPrintOK) (Version:  - )
EaseUS Partition Master 10.5 (HKLM\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen)
Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Everything 1.2.1.371 (HKLM\...\Everything) (Version:  - )
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video Flip and Rotate version 2.1.7.422 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.7.422 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.58.415 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
FreeRIP MP3 Converter 4.5.3 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
G Data InternetSecurity CBE (HKLM\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM\...\{15F02176-0D12-4FAF-B2CD-2767C7781427}) (Version: 3.0.4993 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google+ Auto Backup) (Version: 1.0.24.118 - Google, Inc.)
GoogleClean (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
Hama Wireless LAN Adapter (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama)
Hama Wireless LAN Adapter (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama)
Handset WinDriver 1.02.03.00 (HKLM\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.)
HiSuite (HKLM\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd)
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{C2686567-5A9A-4B6D-B965-7A5E26F73A25}) (Version: 1.1.3.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Setup (HKLM\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{DA200FDD-DE3D-4958-8465-C4FBC869544B}) (Version: 3.5.20.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.25.0 - Roxio)
HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50014.0 - Sonix)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackupBot 5.2.5 (HKLM\...\iBackupBot) (Version: 5.2.5 - VOWSoft, Ltd.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
iFunbox (v2.95.2610.819), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.95.2610.819 - )
iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Licensing Service Install (HKLM\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.1 (HKLM\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version:  - MiniTool Solution Ltd.)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
miTracker 1.1.4 (HKLM\...\miTracker) (Version: 1.1.4 - Vitarsoft Co. Limited.)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMicroBalance (HKLM\...\{1AE1CCB0-DF19-44DF-B8C8-8E259F63B028}) (Version: 2.5.3 - Trusted Bytes Softwareentwicklung e.U.)
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version:  - )
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Festplatten Manager™ 2011 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc)
PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PhoneClean 2.1.6 (HKLM\...\{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1) (Version: 2.1.6 - iMobie Inc.)
PhotoFiltre (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre) (Version:  - )
PhotoFiltre Studio X (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre Studio X) (Version:  - )
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
POP and IMAP Troubleshooter (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PopImapTroubleshooter) (Version: 0.1 - Google)
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.39 - Piriform)
Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version:  - )
SiSoftware Sandra Lite 2011.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.36.2011.2 - SiSoftware)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SmartTools Office DDE-Fix (HKLM\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Snapfish Fotobuch (HKLM\...\Snapfish Fotobuch) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{F158CFB3-2C04-4138-9556-B9C3D5A89CF4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System.Data.SQLite v1.0.81.0 (HKLM\...\{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1) (Version: 1.0.81.0 - System.Data.SQLite Team)
TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH)
TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trainingssoftware (HKLM\...\{7C33F907-7A81-48B8-BD2D-D851C5FA9EFC}) (Version: 1.0.0 - IKE Software Solutions)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.7 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Wise Care 365 3.73 (HKLM\...\Wise Care 365_is1) (Version: 3.73 - WiseCleaner.com, Inc.)
WMV9/VC-1 Video Playback (Version: 1.0.60316.0158 - ATI Technologies Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0006F045-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AFACED1-E828-11D1-9187-B532F1E9575D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{71C3BF7F-682F-4B5E-9E47-5C25D3AC9458}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{8F170678-2A97-4D59-89A1-7A0A71C1B677}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> kein Dateipfad

==================== Wiederherstellungspunkte =========================

16-08-2015 13:24:16 Windows Update
17-08-2015 10:16:36 Installed TomTom HOME.
17-08-2015 10:30:13 Removed TomTom HOME.
19-08-2015 22:30:53 Windows Update
20-08-2015 13:36:19 Installed Bluetooth Software
23-08-2015 10:24:31 ComboFix created restore point
23-08-2015 22:07:39 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2015-08-23 11:05 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01979C6F-F3CD-4ADF-850A-D355D7DBF1E2} - System32\Tasks\{D7B22B5B-FEF4-45DD-BBD7-DDD4B3D3BD98} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {07BC50FA-DF6F-41CB-9167-7FC771DE5D0E} - System32\Tasks\{BF456A74-A282-4513-BE6C-DCEC0EDB9173} => pcalua.exe -a "C:\Program Files\SmartTools\SmartTools Office DDE-Fix.exe" -d "C:\Program Files\SmartTools"
Task: {0CD0B4DA-4EF0-4CEA-B9E6-E216CF647833} - System32\Tasks\{734BA5A5-D0D3-413C-A06E-1334EA7C253A} => pcalua.exe -a "H:\WISO\Steuersoftware 2015\WISOSteuersoftware2015 (1).exe" -d "H:\WISO\Steuersoftware 2015"
Task: {0D0F5B0A-9C80-49E0-ACF1-ED2D99D3963B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {133132F4-A462-4221-9918-D1E109459994} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-13] ()
Task: {1490F15A-500B-48F8-A1B6-CD708B60A869} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {231BF404-97D8-4B25-823E-2EEA520D3319} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {24F1B7B9-C2DA-4872-82DF-78F6957EA702} - System32\Tasks\{EAAA07BA-9CB7-4E2A-B8AB-9B51384CBF79} => pcalua.exe -a C:\windows\IsUn0407.exe -c -f"C:\Program Files\FRITZ!\Uninst.isu" -c"C:\Program Files\FRITZ!\UNINST.DLL"
Task: {295090DA-E78F-4DBC-9965-0937ACB7F00F} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files\AntiBrowserSpy\BrowserMask.exe [2014-01-13] ()
Task: {2A74942C-6BCB-4059-8646-F38427E9E926} - System32\Tasks\Google Updater and Installer => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {314EFBE2-4FB4-4363-BC33-95BD2D0C199D} - System32\Tasks\HPCeeScheduleForEbling => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {33EAEE3C-E0B9-46D9-A740-23FBC29BEA0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {34D6170E-7F66-43DE-92AA-51121A2FB431} - System32\Tasks\One-Click Optimizer WO11 => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe [2015-01-05] (Ashampoo Development GmbH & Co. KG)
Task: {47C8A5FF-A6CA-49DB-A739-DD959BC47F21} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {640420A2-1CD1-4541-91A8-2D13AEEF61A5} - System32\Tasks\{782CEE39-1246-4CF0-BF80-77CA87BA991F} => pcalua.exe -a H:\InstallTomTomHOME.exe -d H:\
Task: {6DD37970-9D6C-420D-A55B-205B563BB395} - System32\Tasks\{DAD58C6D-7B0D-449A-873D-CA8C01E5FDC1} => C:\Program Files\iMobie\AnyTrans\anytrans-setup.exe [2013-05-19] ()
Task: {71F4526D-6F16-446D-9F58-81D891E12DCD} - System32\Tasks\{890ED934-859F-4552-B0DC-F478B34CFB2F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.0.0.152/de/go/help.faq.installer?LastError=1603
Task: {80F50AED-FAF1-4F20-94DD-E15F2C60E6E8} - System32\Tasks\{0B46AF53-A2FB-4098-BCB8-5E86A4457EB7} => pcalua.exe -a "C:\Program Files\SmartTools\Office DDE-Fix\uninstall.exe" -d "C:\Program Files\SmartTools\Office DDE-Fix"
Task: {80F9E998-4AB6-4377-9B91-521DD6141DE2} - System32\Tasks\{48C16FF1-F5E1-40A1-9BD6-EE8DA774B726} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {811A6051-40F0-4085-BB3B-6F577CCA5B7C} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {81A420AF-3DA2-462B-B3D8-796DF4E2C60A} - System32\Tasks\{E508F5B1-0FFE-4648-861C-C3B3A77109F3} => pcalua.exe -a "C:\Program Files\FRITZ!Box\FRITZ!fax_3.07.04.exe" -d "C:\Program Files\FRITZ!Box"
Task: {88D05C53-BF29-41FC-8A4F-B8209C8AB5A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8B11E630-046A-43CF-B73A-930B0CE305C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {8D02AB57-24BF-4370-9117-62250A647186} - System32\Tasks\{CDE98B08-CC91-4969-BD47-3D0DBF714EEF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {8E7BDED3-155B-4581-B97D-92DA9F8FE5C5} - System32\Tasks\ASC8_SkipUac_Ebling => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: {8F503074-A26D-4DEC-9EDC-E9416CBF32B6} - System32\Tasks\{48F2F052-31D6-4307-8BA0-EA9DB63FAFAF} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {904E8419-36B7-4F8D-B3DF-B43242CE78CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {908D6E9A-4122-418D-AF2A-07C2F1DB3436} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
Task: {921512E0-3959-4FA8-BAA4-AE58DEA62E50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {95224B42-2574-4EA7-8C4C-BBA507E88A85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {95946CEF-BBB5-44EA-B9F7-2B00B060CD98} - System32\Tasks\{40FAF4F9-93F5-4266-B1FF-0D111039189A} => pcalua.exe -a "C:\Program Files\iview430g_setup.exe" -d C:\Users\Ebling\Desktop
Task: {9A36F8F5-7717-472E-BCA6-85FC241B45CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {9CC38FA3-C263-44D3-9DEC-2D75EFD699BC} - System32\Tasks\{1D954EBB-64CB-4FBA-BF3A-20D806CCF871} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {B744F1FB-F29F-464E-AB93-9D81D3D2D28A} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-13] ()
Task: {C6136B4B-1487-4868-9914-75136056ABD1} - System32\Tasks\{DD71730C-F8FF-4900-86CE-BE6EEDFD9428} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -d C:\windows\system32 -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {CCCDDC80-D966-4940-8B67-4187F134A4A9} - System32\Tasks\HPCeeScheduleForHP625$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {CF723268-1BCF-454E-938C-2279828B9184} - System32\Tasks\{6EEE5437-4E2D-40EB-911F-A6C858C971FB} => pcalua.exe -a "C:\Program Files\Google\Picasa3\Uninstall.exe"
Task: {D8854C4B-75DA-4B07-BDE5-1424B67FF13C} - System32\Tasks\{E2634312-8A42-4EBF-A6EC-E194A5615141} => pcalua.exe -a "C:\Program Files\FRITZ!fax_3.07.04.exe" -d "C:\Program Files"
Task: {DB0E0E0B-036C-440E-8614-02291AC4A684} - System32\Tasks\{16FE68E3-8085-4DE4-BBB7-DB8ED9F20C62} => pcalua.exe -a "C:\Users\Ebling\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLQGS4AV\sp48591[1].exe" -d C:\Users\Ebling\Desktop
Task: {DF21E094-5EE5-4916-8AA8-5079BA6F1785} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {F037DEC8-361B-43FB-B03E-A9D31575BA3F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {F402D984-6BEC-4B64-AA36-D3C005440D04} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FBCE29B2-17E0-4A73-958C-838E5BBD1E89} - System32\Tasks\{49950F46-4A32-40C2-B8EB-8A7B7344E019} => pcalua.exe -a "D:\1-Wilfried\Nebentätigkeiten\0-Lehrauftrag-Baureferendare\Rheinland-Pfalz\Foliensatz für Baureferendare 2011\iview430g_setup.exe" -d C:\Users\Ebling\Desktop

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForEbling.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForHP625$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe
Task: C:\windows\Tasks\One-Click Optimizer WO11.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-04 20:00 - 2001-10-28 17:42 - 00116224 _____ () C:\windows\System32\pdfcmnnt.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-18 14:52 - 2014-09-05 09:40 - 00117280 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
2015-07-18 14:52 - 2014-09-05 09:40 - 00180768 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
2011-03-15 13:03 - 2011-03-15 13:03 - 01053848 ____N () C:\Windows\System32\ieconfig_1und1_svc.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00287864 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll
2015-05-15 19:04 - 2014-01-13 10:08 - 01136640 _____ () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00778240 _____ () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00823424 _____ () C:\Program Files\AntiBrowserSpy\BrowserMask.exe
2011-02-15 17:38 - 2010-06-14 15:38 - 00984416 _____ () C:\Program Files\Hama\Common\RaWLAPI.dll
2015-08-22 11:16 - 2015-08-18 07:23 - 01405768 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-22 11:16 - 2015-08-18 07:23 - 00081224 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\libegl.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2011-03-14 14:20 - 2011-03-14 14:20 - 00098304 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-16 01:14 - 2011-03-16 01:14 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-08-22 11:16 - 2015-08-18 07:23 - 16393032 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ibackupbot_setup.exe:BDU
AlternateDataStreams: C:\wm2014xxl.exe:BDU
AlternateDataStreams: C:\Program Files\avira_pc_cleaner_de.exe:BDU
AlternateDataStreams: C:\Program Files\PDFX142Vwer.exe:BDU
AlternateDataStreams: C:\Program Files\revosetup193.exe:BDU
AlternateDataStreams: C:\Program Files\Setup_Migraene-Tagebuch.exe:BDU
AlternateDataStreams: C:\Program Files\tb_free_installer.exe:BDU
AlternateDataStreams: C:\Program Files\TomTomHOME2winlatest.exe:BDU
AlternateDataStreams: C:\Program Files\wmv2-1.9.8.exe:BDU
AlternateDataStreams: C:\windows\system32\atibtmon.exe:AGC
AlternateDataStreams: C:\Users\Ebling\OJ6500_E710n-z_1315-1.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk => C:\windows\pss\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\windows\pss\Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk => C:\windows\pss\TraXEx PC-Putzer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ebling^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\windows\pss\Persbackup.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: estar => C:\System.Sav\Util\HideDOS.EXE C:\System.Sav\util\estartwk\twk7.bat
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: iFunBox Fast App Install Handler => C:\Program Files\i-Funbox DevTeam\iFunBox.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: miTracker => C:\Program Files\miTracker\miTracker.exe
MSCONFIG\startupreg: Mobile Partner => C:\Program Files\HiSuite\HiSuite.exe -s
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: UM => C:\Users\Ebling\AppData\Roaming\Update Manager\UM.EXE

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{1FB21EF4-B2D9-46D3-9143-81A824193170}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{DA70798B-6C74-4314-9E85-0AD7EA3FFA4D}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{D398DBA3-5B1A-4115-A443-1555995590FA}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C6E9E309-E04A-4465-AB54-A8C3BBD0D257}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{34A2C04A-52FD-4633-B7BB-E7E8B7B8E06E}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe
FirewallRules: [{35F1465C-4094-4338-B217-7DE418ECC2AA}] => (Allow) G:\fsetup.exe
FirewallRules: [{0771C26A-3465-4A63-A3FB-5DEB25174563}] => (Allow) G:\fsetup.exe
FirewallRules: [{9C8EEAC4-C79E-4645-A345-338396030737}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{D194DF3A-FFF0-4543-8EE4-2AF55A8E73F5}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{9AA67938-324E-4F9A-A3FD-09CE569F0070}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{7BA68422-AA22-4466-857F-D9E00534E399}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{70A20D15-4578-458B-B6F1-133FB02F5710}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5E420C5-9698-499C-B6CF-25C51A6B905A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{023C21EE-16A0-4373-9E02-AE44FC9F9843}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F2DE679E-9EA9-4C6F-B596-E6E80E9394BA}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{796FA458-B5B4-4C0D-913E-C5CDA12E37BC}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{912DA99B-4816-4BFF-9B2E-C88D8EFB0407}] => (Allow) C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C23F3B2D-F668-4510-ABC5-3AD89244CC22}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{98BA9B42-D287-4D0B-9C3A-D7200D181C49}] => (Allow) LPort=2869
FirewallRules: [{BAA9DC4F-E2C2-45A1-83FE-9E71AF8AD65D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{85D82E3B-5F42-4FE2-8993-64F99282E680}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [UDP Query User{C35FA939-86A0-4E6B-9AAF-B4DCD5E7102C}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [{3A9FC52B-A777-4ABC-ABAF-DF0880AD4A4E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{257885B6-6087-4E56-861F-72F48D255233}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{7D264A39-5051-4918-A99E-F3EBE90AD86F}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{F428979F-E951-4291-A592-369F7760DF42}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{4DA75E71-DD81-4198-B34A-64F14B9DA25E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{9033FD3A-8909-4C19-8130-4AF6CB8A2296}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E45CB4B1-E05C-4C78-9A1A-4B5AA6D03B9C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\RpcSandraSrv.exe
FirewallRules: [{27FF653E-2A0D-4C5D-8401-30DB0FB5BB27}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{B7891E7C-022C-47E0-AA42-FACA7E4B6B2E}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{4FFA83CB-C837-4B93-87FC-FE0FDAE91AC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DBBF42D8-C004-414B-B6D5-6819FC95219F}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe
FirewallRules: [UDP Query User{180E934D-78A8-4E31-BA12-CAE8FEF7D41D}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/22/2015 03:41:40 PM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Crawlbereich befindet (Fehler=0x80010108).

Error: (08/22/2015 03:41:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SnippingTool.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bcc

Startzeit: 01d0dcbae9081514

Endzeit: 312

Anwendungspfad: C:\windows\system32\SnippingTool.exe

Berichts-ID: 71b49f35-48d3-11e5-b821-70f39553e7b7

Error: (08/16/2015 09:34:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224
Name des fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14079.176, Zeitstempel: 0x532a4adc
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0008cf92
ID des fehlerhaften Prozesses: 0x140
Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0
Pfad der fehlerhaften Anwendung: AVKProxy.exe1
Pfad des fehlerhaften Moduls: AVKProxy.exe2
Berichtskennung: AVKProxy.exe3

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 01:27:12 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/03/2015 09:18:10 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1

Error: (08/03/2015 09:18:08 AM) (Source: AVKWCtl) (EventID: 0) (User: )
Description: Failed to connect to Engines (0x1). Result Code: -1


Systemfehler:
=============
Error: (08/23/2015 10:16:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/23/2015 10:15:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv.dll

Error: (08/23/2015 10:15:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv.dll

Error: (08/23/2015 10:15:48 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst G Data Personal Firewall konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (08/23/2015 10:15:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv.dll

Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Wireless Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/23/2015 10:09:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/23/2015 10:09:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (06/27/2015 03:38:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2068 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/02/2015 12:31:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2364 seconds with 2160 seconds of active time.  This session ended with a crash.

Error: (12/07/2014 01:12:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8854 seconds with 1680 seconds of active time.  This session ended with a crash.

Error: (11/06/2014 10:05:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 669 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/18/2014 11:01:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47515 seconds with 18060 seconds of active time.  This session ended with a crash.

Error: (10/06/2014 10:23:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19835 seconds with 5880 seconds of active time.  This session ended with a crash.

Error: (07/28/2014 04:11:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29534 seconds with 16380 seconds of active time.  This session ended with a crash.

Error: (07/07/2014 08:46:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7323 seconds with 2940 seconds of active time.  This session ended with a crash.

Error: (05/24/2014 11:03:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1296 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (03/15/2014 09:57:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7475 seconds with 300 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II P320 Dual-Core Processor
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 2812.56 MB
Verfügbarer physikalischer RAM: 1086.73 MB
Summe virtueller Speicher: 5923.43 MB
Verfügbarer virtueller Speicher: 3620.82 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:72.29 GB) (Free:1.47 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Daten) (Fixed) (Total:137 GB) (Free:11.48 GB) NTFS
Drive e: (Nebentätigkeit) (Fixed) (Total:71.5 GB) (Free:12.84 GB) NTFS
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32
Drive g: (SH_SICHERHEIT2015) (CDROM) (Total:5.26 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 57E5C010)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=300 MB) - (Type=42)
Partition 3: (Not Active) - (Size=72.3 GB) - (Type=42)
Partition 4: (Not Active) - (Size=225.5 GB) - (Type=42)

==================== Ende vom raportu ============================
         
--- --- ---

Alt 24.08.2015, 16:17   #11
schrauber
/// the machine
/// TB-Ausbilder
 

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



Noch Kontrollscans


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.08.2015, 06:54   #12
webling
 
C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ef1858f21e046841b58aeacb5963c45b
# end=init
# utc_time=2015-08-24 04:51:19
# local_time=2015-08-24 06:51:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41217
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Finalize
Updated modules version: 25424
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 25424
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ef1858f21e046841b58aeacb5963c45b
# end=updated
# utc_time=2015-08-24 05:03:40
# local_time=2015-08-24 07:03:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=ef1858f21e046841b58aeacb5963c45b
# engine=25424
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-25 02:26:51
# local_time=2015-08-25 04:26:51 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 45149233 192100802 0 0
# scanned=713532
# found=16
# cleaned=0
# scan_time=33790
sh=E1C99225C4C16710DE3AF3D52300E1E943F7C84F ft=1 fh=f891ef12b7700e02 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe.vir"
sh=2D3BDDC407B3FF4AE8DF623DC4972935FEDDD248 ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\application.xap.vir"
sh=91D630DCFDD64919F6E0B008A02B5DC3F8E4B629 ft=1 fh=adda622f7a9601d7 vn="Variante von Win32/Toolbar.Widgi.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\Button.exe.vir"
sh=B46CB3B745D5C97899CB8F243527C230B49F2DA4 ft=1 fh=8479965fa92c6ae8 vn="Variante von Win32/Toolbar.Widgi.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\ButtonWrap.dll.vir"
sh=EDDFB1C2033C2A4442895A914463D5D73BB7672A ft=0 fh=0000000000000000 vn="JS/Adware.Spigot.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\coupons.xpi.vir"
sh=1FA9BFCDB4156C1C95DC03D7D837B361647C5118 ft=0 fh=0000000000000000 vn="JS/Adware.Spigot.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\saebay.xpi.vir"
sh=6227C03AA54DAFB071DFEDB7712E7F6970776611 ft=1 fh=7ea30c95f8f12db7 vn="Win32/Toolbar.Widgi.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\BrowserExtensions\Uninstall.exe.vir"
sh=829D808C091045F45C513A6E4AB17055A52A9320 ft=1 fh=282fb76e1825b814 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\OpenCandy\DCF7A0DE01DE479DB814941CF805EB81\DeltaTB.exe.vir"
sh=1064AF96E61893022C70C33C1E0FCE515EA5A272 ft=1 fh=cfb404f47ea9baab vn="Variante von Win32/Toolbar.Widgi.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\Settings Manager\SettingsManager.exe.vir"
sh=C25C5A6F5303D1716F66FA34E6BA91953DE4F253 ft=1 fh=1b0689a68f6e8b42 vn="Variante von Win32/Toolbar.Widgi.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\Settings Manager\Uninstall.exe.vir"
sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=852A6B778F5BAE9050B6FD3C7AA59792C7B128DA ft=1 fh=38ab496ee63627e4 vn="Variante von Win32/Toolbar.Widgi.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ebling\AppData\Roaming\Update Manager\OldForDeletion~spAE48.tmp.vir"
sh=68BA42E06A7CB7C9B2C85BD821362977AF5AB8A6 ft=1 fh=947b8f139e97bd70 vn="Win32/SweetIM.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\windows\system32\ARFC\wrtc.exe.vir"
sh=6CF8A9F031B45F70BE3E66E7ACC7449CDA15FA34 ft=1 fh=2de4b6f517306153 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\PDFCreator\PDFCreator-1_2_3_setup.exe"
sh=95ADC7925C2BB20FACE637E7031972F8E208FA33 ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx"
sh=2D44DFDC38A6DDE1D93656451D5996F29F9DCD27 ft=1 fh=7c272d3303659065 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Ebling\Desktop\wzmp_10.exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
G Data InternetSecurity CBE   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 CloneSpy 2.62    
 AntiBrowserSpy     
 TuneUp Utilities 2014 (de-DE)  
 TuneUp Utilities 2014   
 CCleaner     
 JavaFX 2.1.1    
 Java 7 Update 9  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	18.0.0.232  
 Adobe Reader 10.1.13 Adobe Reader out of Date!  
 Google Chrome (44.0.2403.155) 
 Google Chrome (44.0.2403.157) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 ESET ESET Online Scanner OnlineScannerApp.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 G Data InternetSecurity Firewall GDFwSvc.exe 
 G Data InternetSecurity Firewall GDFirewallTray.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2015
durchgeführt von Ebling (Administrator) auf HP625 (25-08-2015 06:35:31)
Gestartet von C:\Users\Ebling\Desktop
Geladene Profile: Ebling (Verfügbare Profile: Ebling & Doris & DHBW)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
(AVM Berlin) C:\Program Files\1&1\IGDCTRL.EXE
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaRegistry.exe
() C:\Windows\System32\ieconfig_1und1_svc.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
() C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
() C:\Program Files\AntiBrowserSpy\BrowserMask.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVM Berlin) C:\Program Files\1&1\Stcenter.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Ralink Technology, Corp.) C:\Program Files\Hama\Common\RaUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dr. J. Rathlev, D-24222 Schwentinental) C:\Program Files\Personal Backup 5\Persbackup.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\GUI\GDSC.exe
(ESET) C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [QLBController] => C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-03-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2011-11-12] (IDT, Inc.)
HKLM\...\Run: [GDFirewallTray] => C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\1&1 FRITZ!Box starter.lnk [2011-03-15]
ShortcutTarget: 1&1 FRITZ!Box starter.lnk -> C:\Windows\Installer\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}\Icon2457326B4.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-08-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hama Wireless LAN Utility.lnk [2011-02-15]
ShortcutTarget: Hama Wireless LAN Utility.lnk -> C:\Program Files\Hama\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2011-04-24] ()
Startup: C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Persbackup.lnk [2014-12-25]
ShortcutTarget: Persbackup.lnk -> C:\Program Files\Personal Backup 5\Persbackup.exe (Dr. J. Rathlev, D-24222 Schwentinental)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {06090F73-779E-4FB6-BB0A-FF6807704AF7} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {18F88A98-33FC-4FB2-AEF8-A77154792A3D} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {417ACE4C-D557-454E-9A06-CE17AD599530} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {43D89E1D-8489-468F-B390-7D3F79E8C588} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001 -> {FC8A9B8F-BE3A-4BBF-82B2-C4427BE73C4B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\System32\ieconfig_1und1.dll [2011-03-15] (mquadr.at software engineering und consulting GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{666D63E0-1108-40D3-940A-9120699323D7}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A574D06-DDF0-4179-92C5-EAA454D4C1FE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AE1DF2C2-266A-4B0D-840C-FBB55ACD6C7B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BBD08B48-9530-4B32-A8B9-41E57567D632}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\windows\system32\npDeployJava1.dll [2012-09-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1320190850-2687297852-4289220983-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2012-01-02]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2012-01-02]

Chrome: 
=======
CHR Profile: C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kein Name) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-08-23]
CHR Extension: (Bitdefender Wallet) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-02-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Kostenfinder) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojfbgjcggeplmenpepddbemhcjfdapoh [2013-08-08]
CHR Extension: (AntiBrowserSpy - SocialBlock) - C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohfajmmkkdjdoaoncnnbgfoomiakgbd [2015-05-15]
CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oohfajmmkkdjdoaoncnnbgfoomiakgbd] - C:\Program Files\AntiBrowserSpy\Addons\Chrome.crx [2015-05-15]
StartMenuInternet: Google Chrome.B4WUOD3OCN64G3KXDJYLCPUSZE - C:\Users\Ebling\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2159472 2014-03-25] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [254328 2010-03-30] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [121720 2010-03-30] (AVM Berlin)
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2409280 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [117280 2014-09-05] ()
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-04-05] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [180768 2014-09-05] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IGDCTRL; C:\Program Files\1&1\IGDCTRL.EXE [87344 2007-10-25] (AVM Berlin)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [153464 2010-03-30] (AVM Berlin)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-03-06] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files\Hama\Common\RaRegistry.exe [193888 2010-06-01] (Ralink Technology, Corp.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe [93848 2009-08-10] (SiSoftware) [Datei ist nicht signiert]
R2 serviceIEConfig; C:\Windows\System32\ieconfig_1und1_svc.exe [1053848 2011-03-15] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2011-11-12] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avmaudio; C:\windows\System32\DRIVERS\avmaudio.sys [101248 2010-11-14] (AVM Berlin)
R3 avmaura; C:\windows\System32\DRIVERS\avmaura.sys [101248 2010-09-12] (AVM Berlin)
R3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [297000 2010-07-14] (Broadcom Corporation.)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [15968 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10208 2014-11-18] ()
R0 GDBehave; C:\windows\System32\drivers\GDBehave.sys [44544 2015-03-29] (G Data Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [101504 2015-03-29] (G Data Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [56832 2015-03-29] (G Data Software AG)
R1 gdwfpcd; C:\windows\System32\drivers\gdwfpcd32.sys [53248 2015-03-29] (G Data Software AG)
R1 GRD; C:\windows\system32\drivers\GRD.sys [29528 2015-03-29] (G Data Software)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [50176 2015-03-29] (G Data Software AG)
R0 hotcore3; C:\windows\System32\DRIVERS\hotcore3.sys [27464 2014-05-19] (Paragon Software Group)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [195200 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 LVUSBSta; C:\windows\System32\drivers\lvusbsta.sys [22016 2005-01-31] (Logitech Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 NWIM; C:\windows\System32\DRIVERS\avmnwim.sys [335224 2010-03-30] (AVM Berlin)
S3 PID_0928; C:\windows\System32\DRIVERS\LV561AV.SYS [211712 2005-01-31] (Logitech Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [10320 2013-09-30] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-04-27] ()
R0 sptd; C:\windows\System32\Drivers\sptd.sys [473656 2012-02-04] (Duplex Secure Ltd.)
R3 teamviewervpn; C:\windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-03-30] (TeamViewer GmbH)
R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [91016 2014-05-19] ()
R1 Uim_DEVIM; C:\windows\System32\DRIVERS\uim_devim.sys [20616 2014-05-19] ()
R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [540040 2014-05-19] ()
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [45056 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert]
S3 WiseHDInfo; C:\windows\WiseHDInfo32.dll [13264 2015-08-01] (wisecleaner.com)
S3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S2 ASPI32; kein ImagePath
S3 catchme; \??\C:\Users\Ebling\AppData\Local\Temp\catchme.sys [X]
U3 DfSdkS; kein ImagePath
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2011-10-24] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 06:35 - 2015-08-25 06:35 - 00000000 ____D C:\Users\Ebling\Desktop\FRST-OlderVersion
2015-08-24 18:51 - 2015-08-24 18:51 - 00000000 ____D C:\Program Files\ESET
2015-08-24 18:10 - 2015-08-24 18:10 - 02870984 _____ (ESET) C:\Users\Ebling\Desktop\esetsmartinstaller_deu.exe
2015-08-24 18:09 - 2015-08-24 18:09 - 00852684 _____ C:\Users\Ebling\Desktop\SecurityCheck.exe
2015-08-23 22:26 - 2015-08-23 22:26 - 00065590 _____ C:\Users\Ebling\Desktop\Addition-23082015.txt
2015-08-23 22:21 - 2015-08-23 22:26 - 00056926 _____ C:\Users\Ebling\Desktop\FRST-23082015.txt
2015-08-23 22:11 - 2015-08-23 22:11 - 00002771 _____ C:\Users\Ebling\Desktop\JRT.txt
2015-08-23 22:06 - 2015-08-23 22:06 - 00001848 _____ C:\Users\Ebling\Desktop\AdwCleaner[C2].txt
2015-08-23 21:58 - 2015-08-23 21:58 - 00008180 _____ C:\Users\Ebling\Desktop\mbam.txt
2015-08-23 21:49 - 2015-08-23 21:49 - 00007758 _____ C:\Users\Ebling\Desktop\ergebnis-anti-malware-23.08.2015-21-49h.txt
2015-08-23 21:07 - 2015-08-24 21:30 - 00098520 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 21:07 - 2015-08-23 21:07 - 00001064 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-23 21:07 - 2015-08-23 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-23 21:06 - 2015-08-23 21:07 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-08-23 21:06 - 2015-08-23 21:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-23 21:06 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-08-23 21:06 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-08-23 21:06 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-08-23 21:03 - 2015-08-23 21:03 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Ebling\Desktop\JRT.exe
2015-08-23 21:02 - 2015-08-23 21:03 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ebling\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-23 21:02 - 2015-08-23 21:02 - 01605632 _____ C:\Users\Ebling\Desktop\AdwCleaner_5.003.exe
2015-08-23 21:01 - 2015-08-23 21:01 - 04798152 _____ (WinZip International LLC ) C:\Users\Ebling\Desktop\wzmp_10.exe
2015-08-23 19:39 - 2015-08-24 18:05 - 00000374 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-08-23 11:11 - 2015-08-23 11:11 - 00032637 _____ C:\ComboFix.txt
2015-08-23 10:24 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2015-08-23 10:24 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2015-08-23 10:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2015-08-23 10:24 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2015-08-23 10:22 - 2015-08-23 11:11 - 00000000 ____D C:\Qoobox
2015-08-23 10:21 - 2015-08-23 11:09 - 00000000 ____D C:\windows\erdnt
2015-08-23 10:16 - 2015-08-23 10:16 - 05635234 ____R (Swearware) C:\Users\Ebling\Desktop\ComboFix.exe
2015-08-22 11:26 - 2015-08-23 22:26 - 00065590 _____ C:\Users\Ebling\Desktop\Addition.txt
2015-08-22 11:22 - 2015-08-25 06:35 - 00023176 _____ C:\Users\Ebling\Desktop\FRST.txt
2015-08-22 11:21 - 2015-08-25 06:35 - 00000000 ____D C:\FRST
2015-08-22 11:20 - 2015-08-25 06:35 - 01690112 _____ (Farbar) C:\Users\Ebling\Desktop\FRST.exe
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung.lnk
2015-08-20 14:05 - 2015-08-20 14:05 - 00001046 _____ C:\Users\Ebling\Desktop\Bose Mini SoundLink - Verknüpfung (2).lnk
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\Documents\Bluetooth-Exchange-Ordner
2015-08-20 13:50 - 2015-08-20 13:50 - 00000000 ____D C:\Users\Ebling\AppData\Local\Broadcom
2015-08-20 13:43 - 2010-07-20 13:26 - 00111656 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwavdt.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00088616 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwaudio.sys
2015-08-20 13:43 - 2010-07-20 13:26 - 00018728 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwrchid.sys
2015-08-20 13:43 - 2010-07-14 06:25 - 00297000 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwampfl.sys
2015-08-20 13:43 - 2010-03-02 14:37 - 00033320 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwl2cap.sys
2015-08-19 22:31 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-19 22:31 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-19 14:10 - 2015-08-19 18:18 - 00000000 ____D C:\Program Files\Huawei
2015-08-19 14:10 - 2011-10-24 06:04 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_quusbmdm.sys
2015-08-19 14:10 - 2011-10-24 05:51 - 00102272 _____ (Huawei Technologies Co., Ltd.) C:\windows\system32\Drivers\hw_usbdev.sys
2015-08-16 13:25 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 11:43 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-08-16 11:42 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-08-16 11:42 - 2015-07-30 18:52 - 02384384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-16 11:42 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-16 11:42 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-16 11:42 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-08-16 11:42 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-16 11:42 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-16 11:42 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02943488 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 02061312 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-16 11:42 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-08-16 11:42 - 2015-07-20 19:56 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-08-16 11:42 - 2015-07-16 22:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-16 11:42 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-08-16 11:42 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-16 11:42 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-08-16 11:42 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-08-16 11:42 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-08-16 11:42 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-08-16 11:42 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-16 11:42 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-08-16 11:42 - 2015-07-16 21:39 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-08-16 11:42 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-08-16 11:42 - 2015-07-16 21:32 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-08-16 11:42 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-08-16 11:42 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-16 11:42 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-08-16 11:42 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-08-16 11:42 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-16 11:42 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-08-16 11:42 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-16 11:42 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-16 11:42 - 2015-07-16 21:06 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-08-16 11:42 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-08-16 11:42 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-16 11:42 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-16 11:42 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-16 11:42 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-16 11:42 - 2015-07-15 19:59 - 00137664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-16 11:42 - 2015-07-15 19:59 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-08-16 11:42 - 2015-07-15 19:56 - 01308160 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-08-16 11:42 - 2015-07-15 19:55 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-08-16 11:42 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-08-16 11:42 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-08-16 11:42 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-08-16 11:42 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-08-16 11:42 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-08-16 11:42 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-08-16 11:42 - 2015-07-15 18:36 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-08-16 11:42 - 2015-07-15 18:36 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-08-16 11:42 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-16 11:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-16 11:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-16 11:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-16 11:41 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-08-16 11:41 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-08-16 11:29 - 2015-08-16 12:29 - 09284296 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerInstaller.exe
2015-08-03 13:48 - 2015-08-25 04:52 - 00000000 ____D C:\windows\rescache
2015-08-02 09:29 - 2015-08-02 09:29 - 02232320 _____ C:\windows\system32\config\DEFAULT.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00094208 _____ C:\windows\system32\config\SAM.rhk
2015-08-02 09:29 - 2015-08-02 09:29 - 00028672 _____ C:\windows\system32\config\SECURITY.rhk
2015-08-02 09:25 - 2015-08-02 09:29 - 73924608 _____ C:\windows\system32\config\SOFTWARE.rhk
2015-08-01 16:09 - 2015-08-25 06:12 - 01296552 _____ C:\windows\WindowsUpdate.log
2015-08-01 16:08 - 2015-08-01 16:08 - 00133048 _____ C:\Users\Ebling\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-01 16:07 - 2015-08-24 18:04 - 00008348 _____ C:\windows\setupact.log
2015-08-01 16:07 - 2015-08-01 16:07 - 00000000 _____ C:\windows\setuperr.log
2015-08-01 16:06 - 2015-08-23 22:03 - 00007922 _____ C:\windows\PFRO.log
2015-08-01 16:06 - 2015-08-16 18:29 - 00467536 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-01 10:27 - 2015-08-23 22:04 - 00002004 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2015-08-01 10:27 - 2015-08-23 10:17 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00013264 _____ (wisecleaner.com) C:\windows\WiseHDInfo32.dll
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-08-01 10:27 - 2015-08-01 10:27 - 00000000 ____D C:\Program Files\Wise
2015-08-01 10:23 - 2015-08-01 10:23 - 06043448 _____ (WiseCleaner.com ) C:\Program Files\WiseCare365_373DE.exe
2015-07-28 09:04 - 2015-07-28 09:04 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-28 09:04 - 2015-07-28 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-28 08:54 - 2015-07-28 08:54 - 00001815 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 06:12 - 2012-09-18 23:29 - 00001124 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job
2015-08-25 06:12 - 2010-09-25 11:38 - 00001098 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-25 03:10 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-25 03:10 - 2009-07-14 06:34 - 00022688 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-24 23:48 - 2010-09-18 11:50 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForEbling.job
2015-08-24 20:12 - 2012-09-18 23:29 - 00001072 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job
2015-08-24 20:12 - 2010-09-25 11:38 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-24 19:21 - 2014-09-29 22:19 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\HpUpdate
2015-08-24 18:50 - 2010-06-11 20:30 - 01629212 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-24 18:04 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-23 23:06 - 2012-09-18 23:36 - 00002362 _____ C:\Users\Ebling\Desktop\Google Chrome.lnk
2015-08-23 22:29 - 2012-08-23 19:54 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-23 22:10 - 2012-12-27 11:51 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\IObit
2015-08-23 22:10 - 2012-12-27 11:51 - 00000000 ____D C:\ProgramData\IObit
2015-08-23 22:02 - 2015-05-09 09:03 - 00000000 ____D C:\AdwCleaner
2015-08-23 21:59 - 2012-03-11 00:18 - 00000324 _____ C:\windows\Tasks\HPCeeScheduleForHP625$.job
2015-08-23 21:52 - 2009-07-14 04:37 - 00000000 ____D C:\windows\LiveKernelReports
2015-08-23 11:11 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Default
2015-08-23 11:11 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-08-23 11:05 - 2009-07-14 04:04 - 00000215 _____ C:\windows\system.ini
2015-08-23 10:52 - 2009-07-14 04:03 - 78118912 _____ C:\windows\system32\config\SOFTWARE.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 40632320 _____ C:\windows\system32\config\COMPON~1.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 27525120 _____ C:\windows\system32\config\SYSTEM.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 02359296 _____ C:\windows\system32\config\DEFAULT.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 00262144 _____ C:\windows\system32\config\SECURITY.bak
2015-08-23 10:52 - 2009-07-14 04:03 - 00094208 _____ C:\windows\system32\config\SAM.bak
2015-08-23 10:00 - 2012-01-03 01:14 - 00000000 ____D C:\Program Files\AntiBrowserSpy
2015-08-23 10:00 - 2010-06-11 20:47 - 00000000 ____D C:\ProgramData\PDFC
2015-08-20 21:30 - 2014-11-11 20:35 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-08-20 13:50 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-20 13:35 - 2010-09-11 15:51 - 00000000 ____D C:\Users\Ebling
2015-08-20 13:35 - 2010-07-01 15:50 - 00000000 ____D C:\Program Files\Broadcom
2015-08-19 14:10 - 2014-02-02 15:03 - 00000764 _____ C:\NSI_DriverInstall.log
2015-08-19 14:09 - 2012-06-09 22:00 - 00000000 ____D C:\Program Files\Handset WinDriver
2015-08-17 10:32 - 2014-11-07 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-08-17 10:18 - 2014-11-07 00:01 - 00000000 ____D C:\Program Files\TomTom HOME 2
2015-08-17 10:15 - 2011-08-13 16:07 - 00000000 ____D C:\Users\Ebling\AppData\Local\Downloaded Installations
2015-08-16 19:29 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET
2015-08-16 18:26 - 2014-12-10 04:15 - 00000000 ____D C:\windows\system32\appraiser
2015-08-16 18:26 - 2014-05-06 21:54 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-16 18:26 - 2010-06-11 20:42 - 00000000 ____D C:\windows\system32\Drivers\de-DE
2015-08-16 18:26 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE
2015-08-16 13:53 - 2010-09-11 18:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-16 13:52 - 2015-04-19 18:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 13:52 - 2011-05-04 06:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-16 13:47 - 2013-08-15 17:30 - 00000000 ____D C:\windows\system32\MRT
2015-08-16 13:30 - 2010-09-16 19:47 - 129304528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-08-16 12:29 - 2012-05-25 10:47 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-08-16 12:29 - 2011-06-04 12:20 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-08-01 10:46 - 2010-09-11 18:02 - 00000000 ___RD C:\MSOCache
2015-08-01 10:32 - 2015-03-12 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-08-01 10:32 - 2014-03-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2015-08-01 10:32 - 2012-05-27 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-08-01 10:32 - 2012-03-07 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager
2015-08-01 09:36 - 2013-05-09 22:58 - 00000000 ____D C:\Users\Ebling\AppData\Local\CrashDumps
2015-07-31 18:12 - 2015-03-29 18:16 - 00000400 _____ C:\windows\Tasks\One-Click Optimizer WO11.job
2015-07-29 21:26 - 2014-09-29 22:18 - 00000000 ____D C:\ProgramData\HP
2015-07-29 20:06 - 2010-09-11 15:55 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\Hewlett-Packard
2015-07-28 09:04 - 2011-12-01 22:27 - 00000000 ____D C:\Program Files\iTunes
2015-07-28 09:03 - 2012-06-16 13:21 - 00000000 ____D C:\Program Files\iPod
2015-07-28 09:02 - 2015-04-17 16:42 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-28 08:54 - 2012-05-27 21:51 - 00000000 ____D C:\Program Files\QuickTime
2015-07-27 11:02 - 2015-04-23 18:47 - 00000000 ____D C:\Users\Ebling\AppData\Roaming\iFunbox_UserCache
2015-07-26 21:03 - 2015-01-21 23:40 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieBrowserModeList
2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieUserList
2015-07-26 21:03 - 2014-06-05 09:17 - 00000000 __SHD C:\Users\Ebling\AppData\Local\EmieSiteList

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-09 09:02 - 2015-05-09 09:02 - 2204160 _____ () C:\Program Files\adwcleaner_4.203.exe
2015-05-03 22:35 - 2015-05-03 22:35 - 0891224 _____ (AMD) C:\Program Files\amddriverdownloader.exe
2014-02-27 18:57 - 2013-05-19 17:18 - 13431464 _____ () C:\Program Files\anytrans-setup.exe
2011-04-24 07:47 - 2011-04-24 07:47 - 0620972 _____ () C:\Program Files\Autoruns.zip
2012-07-17 22:53 - 2012-07-17 22:51 - 0883840 _____ () C:\Program Files\Avira-DE-Cleaner.exe
2015-03-06 15:20 - 2015-03-06 15:20 - 2314104 _____ () C:\Program Files\avira_pc_cleaner_de.exe
2013-10-08 13:20 - 2015-07-05 11:04 - 0027155 _____ () C:\Program Files\Changes.txt
2014-06-09 18:25 - 2014-06-09 18:24 - 0277107 _____ () C:\Program Files\clonepartition.rar
2013-05-29 15:04 - 2013-09-09 18:55 - 8334304 _____ (WindSolutions) C:\Program Files\CopyTransManager.exe
2010-08-29 15:08 - 2015-07-05 11:04 - 0000067 _____ () C:\Program Files\Core Temp Gadget & Addons.url
2013-10-08 13:22 - 2015-07-05 11:04 - 0794272 _____ () C:\Program Files\Core Temp.exe
2015-07-05 10:58 - 2015-07-05 10:58 - 0734473 _____ () C:\Program Files\CoreTemp_106.zip
2011-07-22 08:15 - 2011-07-22 08:15 - 0000000 _____ () C:\Program Files\ctapi_out_gr.txt
2011-02-22 13:48 - 2011-02-22 13:48 - 0175007 _____ () C:\Program Files\DirPrintOK292_Installer.zip
2012-05-02 15:44 - 2012-05-02 15:57 - 50449456 _____ (Microsoft Corporation) C:\Program Files\dotNetFx40_Full_x86_x64.exe
2012-07-17 22:06 - 2012-06-05 20:14 - 7207866 _____ (FreeDownloadManager.ORG                                     ) C:\Program Files\fdminst.exe
2011-11-13 16:42 - 2011-11-13 16:45 - 14598944 _____ (Mozilla) C:\Program Files\Firefox Setup 8.0.exe
2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\FirstBackup.spg
2015-05-03 18:51 - 2015-05-03 18:51 - 30650288 _____ (DVDVideoSoft Ltd.                                           ) C:\Program Files\FreeVideoToMP3Converter.exe
2014-02-27 18:57 - 2013-01-11 23:56 - 18291784 _____ (AVM Berlin                                                  ) C:\Program Files\FRITZ!fax_3.07.04 (1).exe
2013-01-06 21:34 - 2013-01-06 21:32 - 18291784 ____N (AVM Berlin                                                  ) C:\Program Files\FRITZ!fax_3.07.04.exe
2011-11-20 18:38 - 2011-09-08 07:23 - 0148923 _____ () C:\Program Files\FRITZ.Box Fon WLAN 7170 (UI) 29.04.80_08.09.11_0723.export
2012-08-27 20:20 - 2012-08-27 20:27 - 28952353 _____ () C:\Program Files\HiSuiteSetup V1.6.10.08.zip
2015-07-21 18:05 - 2015-07-21 18:05 - 5493352 _____ (Marx Software                                               ) C:\Program Files\IDM05Setup.exe
2015-04-23 18:41 - 2015-04-23 18:41 - 21348024 _____ (                                                            ) C:\Program Files\ifunbox_setup.exe
2014-02-27 18:57 - 2013-09-09 18:46 - 4279392 _____ (WindSolutions) C:\Program Files\Install_CopyTrans_Suite.exe
2014-02-27 18:57 - 2014-02-15 14:36 - 30796712 _____ (Oracle Corporation) C:\Program Files\jre-7u51-windows-x64.exe
2014-02-27 18:57 - 2013-05-08 20:44 - 4894912 _____ (Kaspersky Lab ZAO) C:\Program Files\kavremover.exe
2012-01-05 18:39 - 2013-09-09 18:55 - 0012943 _____ () C:\Program Files\License Agreement.rtf
2010-06-30 18:32 - 2015-07-05 11:04 - 0006594 _____ () C:\Program Files\License.txt
2014-04-18 08:42 - 2014-04-18 08:43 - 28875706 _____ () C:\Program Files\MediathekView_6.zip
2010-09-24 18:34 - 2010-09-24 18:34 - 0002120 _____ () C:\Program Files\mobile
2012-09-02 14:02 - 2012-09-02 14:02 - 0290154 _____ () C:\Program Files\mp3DirectCut2.16.exe
2011-03-06 14:48 - 2011-03-06 14:48 - 0417048 _____ (Yahoo! Inc.) C:\Program Files\msgr10de.exe
2014-04-16 09:26 - 2014-04-16 09:26 - 16587248 _____ (Tracker Software Products Ltd                               ) C:\Program Files\PDFX142Vwer.exe
2012-12-02 00:54 - 2012-12-02 00:59 - 15271824 _____ (Google Inc.) C:\Program Files\picasa39-setup.exe
2014-02-27 18:57 - 2013-05-20 14:16 - 15102976 _____ (MiniTool Solution Ltd.                                      ) C:\Program Files\pwhe78.exe
2014-06-28 16:18 - 2014-06-28 16:18 - 2617176 _____ (VS Revo Group Ltd.) C:\Program Files\revosetup193.exe
2013-04-19 23:21 - 2013-04-19 23:23 - 6018162 _____ () C:\Program Files\Root_Y200_v5.zip
2013-02-17 17:48 - 2013-02-17 17:48 - 5193621 _____ () C:\Program Files\Samsung-PC-Editor.rar
2013-02-17 17:55 - 2013-02-17 17:55 - 6845297 _____ () C:\Program Files\Samsung_ChannelListPCEditor_1.09.zip
2014-02-27 18:57 - 2014-02-15 21:24 - 3930129 _____ () C:\Program Files\Setup_Migraene-Tagebuch.exe
2010-09-23 20:50 - 2010-09-23 20:50 - 0001696 _____ () C:\Program Files\sg_backup_2010-09-23-2050.spg
2015-07-25 17:20 - 2015-07-25 17:20 - 6962912 _____ (Microsoft Corporation) C:\Program Files\Silverlight.exe
2013-04-20 12:43 - 2013-04-20 12:43 - 0627688 _____ () C:\Program Files\Superuser-3.0.7-efghi-signed.zip
2014-06-09 18:51 - 2014-06-09 18:51 - 0583496 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\tb_free_installer.exe
2010-09-23 20:46 - 2010-09-23 20:46 - 0655360 _____ (Speed Guide Inc.) C:\Program Files\TCPOptimizer.exe
2012-11-17 12:48 - 2012-11-17 12:49 - 3167176 _____ (TeamViewer) C:\Program Files\TeamViewerQS_de.exe
2009-10-20 00:43 - 2009-10-20 00:43 - 0047104 _____ () C:\Program Files\Thumbs.db
2014-11-06 23:57 - 2014-11-06 23:57 - 31119112 _____ () C:\Program Files\TomTomHOME2winlatest.exe
2015-08-01 10:23 - 2015-08-01 10:23 - 6043448 _____ (WiseCleaner.com                                             ) C:\Program Files\WiseCare365_373DE.exe
2014-05-18 20:19 - 2014-05-18 20:19 - 0699943 _____ () C:\Program Files\wmv2-1.9.8.exe
2015-03-29 19:10 - 2015-03-29 19:10 - 0000000 _____ () C:\Users\Ebling\AppData\Roaming\gdfw.log
2015-03-29 19:10 - 2015-03-29 19:10 - 0000779 _____ () C:\Users\Ebling\AppData\Roaming\gdscan.log
2011-02-16 15:58 - 2011-05-21 20:59 - 0001849 _____ () C:\Users\Ebling\AppData\Roaming\GhostObjGAFix.xml
2011-07-02 21:02 - 2011-07-02 21:03 - 0038452 _____ () C:\Users\Ebling\AppData\Roaming\Microsoft Excel 97-2003.ADR
2011-08-13 19:00 - 2012-01-23 20:20 - 0001570 _____ () C:\Users\Ebling\AppData\Roaming\MyMicroBalanceConfig.ini
2012-09-02 14:21 - 2014-07-31 17:27 - 0004608 _____ () C:\Users\Ebling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-03-06 14:44 - 2011-03-06 14:44 - 0000209 _____ () C:\Users\Ebling\AppData\Local\GLFEDA7.tmp
2014-03-15 10:27 - 2014-03-15 10:27 - 0004096 ____H () C:\Users\Ebling\AppData\Local\keyfile3.drm
2012-03-10 11:45 - 2012-03-10 11:45 - 0000017 _____ () C:\Users\Ebling\AppData\Local\resmon.resmoncfg
2012-11-25 03:31 - 2012-11-25 03:31 - 0017408 _____ () C:\Users\Ebling\AppData\Local\WebpageIcons.db
2014-09-29 22:18 - 2014-09-29 22:18 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-12-24 01:00 - 2011-12-24 01:00 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-02-16 13:56 - 2014-06-25 20:24 - 10981376 _____ () C:\ProgramData\sandra.mda
2014-12-26 18:30 - 2014-12-26 18:30 - 0001534 _____ () C:\ProgramData\ss.ini

Einige Dateien in TEMP:
====================
C:\Users\Ebling\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-25 04:44

==================== Ende vom FRST.txt ============================
         

Alt 25.08.2015, 07:02   #13
webling
 
C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



[CODE]Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:24-08-2015
durchgeführt von Ebling (2015-08-25 06:56:09)
Gestartet von C:\Users\Ebling\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1320190850-2687297852-4289220983-500 - Administrator - Disabled)
DHBW (S-1-5-21-1320190850-2687297852-4289220983-1007 - Limited - Enabled) => C:\Users\DHBW
Doris (S-1-5-21-1320190850-2687297852-4289220983-1002 - Limited - Enabled) => C:\Users\Doris
Ebling (S-1-5-21-1320190850-2687297852-4289220983-1001 - Administrator - Enabled) => C:\Users\Ebling
Gast (S-1-5-21-1320190850-2687297852-4289220983-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1320190850-2687297852-4289220983-1011 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G Data InternetSecurity CBE (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Disabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1und1 Internet Explorer Add-On (Version: 1.0 - 1&1 Internet AG) Hidden
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 141 - Abelssoft)
Anti-Twin (Installation 12/29/2011) (HKLM\...\Anti-Twin 2011-12-29 18.43.19) (Version: - Joerg Rosenthal, Germany)
AnyTrans 3.4.1 (HKLM\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 3.4.1 - iMobie Inc.)
Apple Application Support (32-Bit) (HKLM\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{992F7E6B-58D4-428A-B574-082C0884423E}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version: - AVM Berlin)
AVM FRITZ!Fernzugang (HKLM\...\{5DC36978-AB9A-4A23-9C12-D90D2BB781B7}) (Version: 1.2.3 - AVM Berlin)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
ccc-core-static (Version: 2011.0316.116.298 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloneSpy 2.62 (HKLM\...\CloneSpy) (Version: - CloneSpy)
COMPUTERBILD-Abzockschutz (HKLM\...\{6F03FF16-24BF-4887-9EBA-280CF7657A54}) (Version: 1.0.42 - J3S)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Der grandiose Bildverkleinerer 1.7b (HKLM\...\Der grandiose Bildverkleinerer) (Version: 1.7b - )
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DirPrintOK (HKLM\...\DirPrintOK) (Version: - )
EaseUS Partition Master 10.5 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen)
Energy Star Digital Logo (HKLM\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Everything 1.2.1.371 (HKLM\...\Everything) (Version: - )
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video Flip and Rotate version 2.1.7.422 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.7.422 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.58.415 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
FreeRIP MP3 Converter 4.5.3 (HKLM\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.3 - GreenTree Applications SRL)
FRITZ!Box starter (HKLM\...\{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}) (Version: 2.04.02 - AVM Berlin)
FRITZ!Box-Fernzugang einrichten (HKLM\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
G Data InternetSecurity CBE (HKLM\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM\...\{15F02176-0D12-4FAF-B2CD-2767C7781427}) (Version: 3.0.4993 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\Google+ Auto Backup) (Version: 1.0.24.118 - Google, Inc.)
GoogleClean (HKLM\...\{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1) (Version: 5.0.000 - Abelssoft)
Hama Wireless LAN Adapter (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 10.6.0 - Hama)
Hama Wireless LAN Adapter (HKLM\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Hama)
Handset WinDriver 1.02.03.00 (HKLM\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.)
HiSuite (HKLM\...\Hi Suite) (Version: 32.610.28.00.06 - Huawei Technologies Co.,Ltd)
HP Advisor (HKLM\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM\...\{C2686567-5A9A-4B6D-B965-7A5E26F73A25}) (Version: 1.1.3.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{E5360B00-4DEF-4F6E-8ED9-B2C31875D813}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Setup (HKLM\...\{96AC1B0B-02D1-4FAA-9C1E-C92ECA74921A}) (Version: 8.2.4130.3367 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{DA200FDD-DE3D-4958-8465-C4FBC869544B}) (Version: 3.5.20.1 - Hewlett-Packard Company)
HP Software Setup (HKLM\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0190 (HKLM\...\{5B0D9F1A-425E-46C4-B06D-2C0736C1E804}) (Version: 1.00.0000 - Hewlett-Packard)
HP Webcam (HKLM\...\{1D61E881-43CD-447B-9E6B-D2C6138B2862}) (Version: 1.0.25.0 - Roxio)
HP Webcam Driver (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50014.0 - Sonix)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackupBot 5.2.5 (HKLM\...\iBackupBot) (Version: 5.2.5 - VOWSoft, Ltd.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6300.0 - IDT)
iFunbox (v2.95.2610.819), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.95.2610.819 - )
iTunes (HKLM\...\{9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Licensing Service Install (HKLM\...\{AF72E557-0647-4DE5-ACDA-ECFB38D5D732}) (Version: 2.0.1.181 - Protexis Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.1 (HKLM\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version: - MiniTool Solution Ltd.)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
miTracker 1.1.4 (HKLM\...\miTracker) (Version: 1.1.4 - Vitarsoft Co. Limited.)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMicroBalance (HKLM\...\{1AE1CCB0-DF19-44DF-B8C8-8E259F63B028}) (Version: 2.5.3 - Trusted Bytes Softwareentwicklung e.U.)
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - )
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Festplatten Manager™ 2011 Kompakt (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.117 - PDF Complete, Inc)
PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd)
Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
PhoneClean 2.1.6 (HKLM\...\{E980ED1F-AOF8-PF7E-B174-59POS2BOIUVB}}_is1) (Version: 2.1.6 - iMobie Inc.)
PhotoFiltre (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PhotoFiltre Studio X) (Version: - )
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
POP and IMAP Troubleshooter (HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\...\PopImapTroubleshooter) (Version: 0.1 - Google)
QuickTime 7 (HKLM\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.39 - Piriform)
Revo Uninstaller 1.93 (HKLM\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.20 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version: - )
SiSoftware Sandra Lite 2011.SP1 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1) (Version: 17.36.2011.2 - SiSoftware)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SmartTools Office DDE-Fix (HKLM\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing)
Snapfish Fotobuch (HKLM\...\Snapfish Fotobuch) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten (HKLM\...\{F158CFB3-2C04-4138-9556-B9C3D5A89CF4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System.Data.SQLite v1.0.81.0 (HKLM\...\{02E43EC2-6B1C-45B5-9E48-941C3E1B204A}_is1) (Version: 1.0.81.0 - System.Data.SQLite Team)
TeamViewer 6 (HKLM\...\TeamViewer 6) (Version: 6.0.13992 - TeamViewer GmbH)
TomTom HOME (HKLM\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trainingssoftware (HKLM\...\{7C33F907-7A81-48B8-BD2D-D851C5FA9EFC}) (Version: 1.0.0 - IKE Software Solutions)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.0a - TrueCrypt Foundation)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.275 - TuneUp Software) Hidden
TuneUp Utilities 2014 (Version: 14.0.1000.275 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows 7 Default Setting (HKLM\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.7 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (HKLM\...\0973B297E079B467E3776E59F763D63FD557795B) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Wise Care 365 3.73 (HKLM\...\Wise Care 365_is1) (Version: 3.73 - WiseCleaner.com, Inc.)
WMV9/VC-1 Video Playback (Version: 1.0.60316.0158 - ATI Technologies Inc.) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0006F045-0000-0000-C000-000000000046}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0AFACED1-E828-11D1-9187-B532F1E9575D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{71C3BF7F-682F-4B5E-9E47-5C25D3AC9458}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{8F170678-2A97-4D59-89A1-7A0A71C1B677}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E88DCCE0-B7B3-11D1-A9F0-00AA0060FA31}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F5078F32-C551-11D3-89B9-0000F81FE221}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-1320190850-2687297852-4289220983-1001_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> kein Dateipfad

==================== Wiederherstellungspunkte =========================

23-08-2015 10:24:31 ComboFix created restore point
23-08-2015 22:07:39 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2015-08-23 11:05 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01979C6F-F3CD-4ADF-850A-D355D7DBF1E2} - System32\Tasks\{D7B22B5B-FEF4-45DD-BBD7-DDD4B3D3BD98} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {07BC50FA-DF6F-41CB-9167-7FC771DE5D0E} - System32\Tasks\{BF456A74-A282-4513-BE6C-DCEC0EDB9173} => pcalua.exe -a "C:\Program Files\SmartTools\SmartTools Office DDE-Fix.exe" -d "C:\Program Files\SmartTools"
Task: {0CD0B4DA-4EF0-4CEA-B9E6-E216CF647833} - System32\Tasks\{734BA5A5-D0D3-413C-A06E-1334EA7C253A} => pcalua.exe -a "H:\WISO\Steuersoftware 2015\WISOSteuersoftware2015 (1).exe" -d "H:\WISO\Steuersoftware 2015"
Task: {0D0F5B0A-9C80-49E0-ACF1-ED2D99D3963B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {133132F4-A462-4221-9918-D1E109459994} - System32\Tasks\AntiBrowserSpy - SocialBlock - IE => C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe [2014-01-13] ()
Task: {1490F15A-500B-48F8-A1B6-CD708B60A869} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {231BF404-97D8-4B25-823E-2EEA520D3319} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {24F1B7B9-C2DA-4872-82DF-78F6957EA702} - System32\Tasks\{EAAA07BA-9CB7-4E2A-B8AB-9B51384CBF79} => pcalua.exe -a C:\windows\IsUn0407.exe -c -f"C:\Program Files\FRITZ!\Uninst.isu" -c"C:\Program Files\FRITZ!\UNINST.DLL"
Task: {295090DA-E78F-4DBC-9965-0937ACB7F00F} - System32\Tasks\AntiBrowserSpy - BrowserMask => C:\Program Files\AntiBrowserSpy\BrowserMask.exe [2014-01-13] ()
Task: {2A74942C-6BCB-4059-8646-F38427E9E926} - System32\Tasks\Google Updater and Installer => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {314EFBE2-4FB4-4363-BC33-95BD2D0C199D} - System32\Tasks\HPCeeScheduleForEbling => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {33EAEE3C-E0B9-46D9-A740-23FBC29BEA0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {34D6170E-7F66-43DE-92AA-51121A2FB431} - System32\Tasks\One-Click Optimizer WO11 => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe [2015-01-05] (Ashampoo Development GmbH & Co. KG)
Task: {47C8A5FF-A6CA-49DB-A739-DD959BC47F21} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {640420A2-1CD1-4541-91A8-2D13AEEF61A5} - System32\Tasks\{782CEE39-1246-4CF0-BF80-77CA87BA991F} => pcalua.exe -a H:\InstallTomTomHOME.exe -d H:\
Task: {6DD37970-9D6C-420D-A55B-205B563BB395} - System32\Tasks\{DAD58C6D-7B0D-449A-873D-CA8C01E5FDC1} => C:\Program Files\iMobie\AnyTrans\anytrans-setup.exe [2013-05-19] ()
Task: {71F4526D-6F16-446D-9F58-81D891E12DCD} - System32\Tasks\{890ED934-859F-4552-B0DC-F478B34CFB2F} => Chrome.exe hxxp://ui.skype.com/ui/0/5.0.0.152/de/go/help.faq.installer?LastError=1603
Task: {80F50AED-FAF1-4F20-94DD-E15F2C60E6E8} - System32\Tasks\{0B46AF53-A2FB-4098-BCB8-5E86A4457EB7} => pcalua.exe -a "C:\Program Files\SmartTools\Office DDE-Fix\uninstall.exe" -d "C:\Program Files\SmartTools\Office DDE-Fix"
Task: {80F9E998-4AB6-4377-9B91-521DD6141DE2} - System32\Tasks\{48C16FF1-F5E1-40A1-9BD6-EE8DA774B726} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {811A6051-40F0-4085-BB3B-6F577CCA5B7C} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {81A420AF-3DA2-462B-B3D8-796DF4E2C60A} - System32\Tasks\{E508F5B1-0FFE-4648-861C-C3B3A77109F3} => pcalua.exe -a "C:\Program Files\FRITZ!Box\FRITZ!fax_3.07.04.exe" -d "C:\Program Files\FRITZ!Box"
Task: {88D05C53-BF29-41FC-8A4F-B8209C8AB5A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8B11E630-046A-43CF-B73A-930B0CE305C7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {8D02AB57-24BF-4370-9117-62250A647186} - System32\Tasks\{CDE98B08-CC91-4969-BD47-3D0DBF714EEF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {8E7BDED3-155B-4581-B97D-92DA9F8FE5C5} - System32\Tasks\ASC8_SkipUac_Ebling => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
Task: {8F503074-A26D-4DEC-9EDC-E9416CBF32B6} - System32\Tasks\{48F2F052-31D6-4307-8BA0-EA9DB63FAFAF} => C:\Program Files\Personal Backup 5\Persbackup.exe [2014-08-31] (Dr. J. Rathlev, D-24222 Schwentinental)
Task: {904E8419-36B7-4F8D-B3DF-B43242CE78CB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {908D6E9A-4122-418D-AF2A-07C2F1DB3436} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
Task: {921512E0-3959-4FA8-BAA4-AE58DEA62E50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {95224B42-2574-4EA7-8C4C-BBA507E88A85} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-17] (Google Inc.)
Task: {95946CEF-BBB5-44EA-B9F7-2B00B060CD98} - System32\Tasks\{40FAF4F9-93F5-4266-B1FF-0D111039189A} => pcalua.exe -a "C:\Program Files\iview430g_setup.exe" -d C:\Users\Ebling\Desktop
Task: {9A36F8F5-7717-472E-BCA6-85FC241B45CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {9CC38FA3-C263-44D3-9DEC-2D75EFD699BC} - System32\Tasks\{1D954EBB-64CB-4FBA-BF3A-20D806CCF871} => Chrome.exe hxxp://ui.skype.com/ui/0/5.5.0.124/de/go/help.faq.installer?LastError=1603
Task: {B744F1FB-F29F-464E-AB93-9D81D3D2D28A} - System32\Tasks\AntiBrowserSpy - SocialBlock - IEProxyCheck => C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe [2014-01-13] ()
Task: {C6136B4B-1487-4868-9914-75136056ABD1} - System32\Tasks\{DD71730C-F8FF-4900-86CE-BE6EEDFD9428} => pcalua.exe -a C:\ProgramData\Uninstall\{537BF16E-7412-448C-95D8-846E85A1D817}\setup.exe -d C:\windows\system32 -c /x {537BF16E-7412-448C-95D8-846E85A1D817}
Task: {CCCDDC80-D966-4940-8B67-4187F134A4A9} - System32\Tasks\HPCeeScheduleForHP625$ => c:\program files\hewlett-packard\hp ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {CF723268-1BCF-454E-938C-2279828B9184} - System32\Tasks\{6EEE5437-4E2D-40EB-911F-A6C858C971FB} => pcalua.exe -a "C:\Program Files\Google\Picasa3\Uninstall.exe"
Task: {D8854C4B-75DA-4B07-BDE5-1424B67FF13C} - System32\Tasks\{E2634312-8A42-4EBF-A6EC-E194A5615141} => pcalua.exe -a "C:\Program Files\FRITZ!fax_3.07.04.exe" -d "C:\Program Files"
Task: {DB0E0E0B-036C-440E-8614-02291AC4A684} - System32\Tasks\{16FE68E3-8085-4DE4-BBB7-DB8ED9F20C62} => pcalua.exe -a "C:\Users\Ebling\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLQGS4AV\sp48591[1].exe" -d C:\Users\Ebling\Desktop
Task: {DF21E094-5EE5-4916-8AA8-5079BA6F1785} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {F037DEC8-361B-43FB-B03E-A9D31575BA3F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {F402D984-6BEC-4B64-AA36-D3C005440D04} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FBCE29B2-17E0-4A73-958C-838E5BBD1E89} - System32\Tasks\{49950F46-4A32-40C2-B8EB-8A7B7344E019} => pcalua.exe -a "D:\1-Wilfried\Nebentätigkeiten\0-Lehrauftrag-Baureferendare\Rheinland-Pfalz\Foliensatz für Baureferendare 2011\iview430g_setup.exe" -d C:\Users\Ebling\Desktop

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001Core.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1001UA.job => C:\Users\Ebling\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002Core.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1320190850-2687297852-4289220983-1002UA.job => C:\Users\Doris\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForEbling.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForHP625$.job => c:\program files\hewlett-packard\hp ceement\HPCEE.exe
Task: C:\windows\Tasks\One-Click Optimizer WO11.job => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2015\WO2015.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-04 20:00 - 2001-10-28 17:42 - 00116224 _____ () C:\windows\System32\pdfcmnnt.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-18 14:52 - 2014-09-05 09:40 - 00117280 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
2015-07-18 14:52 - 2014-09-05 09:40 - 00180768 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
2011-03-15 13:03 - 2011-03-15 13:03 - 01053848 ____N () C:\Windows\System32\ieconfig_1und1_svc.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00287864 ____N () C:\Program Files\Common Files\G Data\AVKProxy\PktIcpt2.dll
2015-05-15 19:04 - 2014-01-13 10:08 - 01136640 _____ () C:\Program Files\AntiBrowserSpy\AntiBrowserSpy-IE-SocialBlock.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00778240 _____ () C:\Program Files\AntiBrowserSpy\SocialBlock_ProxyCheck.exe
2015-05-15 19:04 - 2014-01-13 10:15 - 00823424 _____ () C:\Program Files\AntiBrowserSpy\BrowserMask.exe
2011-02-15 17:38 - 2010-06-14 15:38 - 00984416 _____ () C:\Program Files\Hama\Common\RaWLAPI.dll
2011-03-14 14:20 - 2011-03-14 14:20 - 00098304 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-16 01:14 - 2011-03-16 01:14 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2015-08-22 11:16 - 2015-08-18 07:23 - 01405768 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-22 11:16 - 2015-08-18 07:23 - 00081224 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\libegl.dll
2015-08-22 11:16 - 2015-08-18 07:23 - 16393032 _____ () C:\Users\Ebling\AppData\Local\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ibackupbot_setup.exe:BDU
AlternateDataStreams: C:\wm2014xxl.exe:BDU
AlternateDataStreams: C:\Program Files\avira_pc_cleaner_de.exe:BDU
AlternateDataStreams: C:\Program Files\PDFX142Vwer.exe:BDU
AlternateDataStreams: C:\Program Files\revosetup193.exe:BDU
AlternateDataStreams: C:\Program Files\Setup_Migraene-Tagebuch.exe:BDU
AlternateDataStreams: C:\Program Files\tb_free_installer.exe:BDU
AlternateDataStreams: C:\Program Files\TomTomHOME2winlatest.exe:BDU
AlternateDataStreams: C:\Program Files\wmv2-1.9.8.exe:BDU
AlternateDataStreams: C:\windows\system32\atibtmon.exe:AGC
AlternateDataStreams: C:\Users\Ebling\OJ6500_E710n-z_1315-1.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com
IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info
IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com
IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net
IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net
IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com
IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com
IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4789 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1320190850-2687297852-4289220983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ebling\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.5 BD Edition.lnk => C:\windows\pss\PHOTOfunSTUDIO 6.5 BD Edition.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk => C:\windows\pss\Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk => C:\windows\pss\TraXEx PC-Putzer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ebling^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Persbackup.lnk => C:\windows\pss\Persbackup.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe
MSCONFIG\startupreg: estar => C:\System.Sav\Util\HideDOS.EXE C:\System.Sav\util\estartwk\twk7.bat
MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
MSCONFIG\startupreg: iFunBox Fast App Install Handler => C:\Program Files\i-Funbox DevTeam\iFunBox.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: miTracker => C:\Program Files\miTracker\miTracker.exe
MSCONFIG\startupreg: Mobile Partner => C:\Program Files\HiSuite\HiSuite.exe -s
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: UM => C:\Users\Ebling\AppData\Roaming\Update Manager\UM.EXE

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{1FB21EF4-B2D9-46D3-9143-81A824193170}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{DA70798B-6C74-4314-9E85-0AD7EA3FFA4D}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{D398DBA3-5B1A-4115-A443-1555995590FA}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{C6E9E309-E04A-4465-AB54-A8C3BBD0D257}] => (Allow) C:\Users\Ebling\AppData\Local\Apps\2.0\HV4E29ZP.ME0\T6Z64HQP.E6T\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe
FirewallRules: [{34A2C04A-52FD-4633-B7BB-E7E8B7B8E06E}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\RpcAgentSrv.exe
FirewallRules: [{35F1465C-4094-4338-B217-7DE418ECC2AA}] => (Allow) G:\fsetup.exe
FirewallRules: [{0771C26A-3465-4A63-A3FB-5DEB25174563}] => (Allow) G:\fsetup.exe
FirewallRules: [{9C8EEAC4-C79E-4645-A345-338396030737}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{D194DF3A-FFF0-4543-8EE4-2AF55A8E73F5}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer.exe
FirewallRules: [{9AA67938-324E-4F9A-A3FD-09CE569F0070}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{7BA68422-AA22-4466-857F-D9E00534E399}] => (Allow) C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
FirewallRules: [{70A20D15-4578-458B-B6F1-133FB02F5710}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5E420C5-9698-499C-B6CF-25C51A6B905A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{023C21EE-16A0-4373-9E02-AE44FC9F9843}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{F2DE679E-9EA9-4C6F-B596-E6E80E9394BA}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{796FA458-B5B4-4C0D-913E-C5CDA12E37BC}] => (Allow) C:\Windows\System32\msiexec.exe
FirewallRules: [{912DA99B-4816-4BFF-9B2E-C88D8EFB0407}] => (Allow) C:\Users\Ebling\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C23F3B2D-F668-4510-ABC5-3AD89244CC22}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{98BA9B42-D287-4D0B-9C3A-D7200D181C49}] => (Allow) LPort=2869
FirewallRules: [{BAA9DC4F-E2C2-45A1-83FE-9E71AF8AD65D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{85D82E3B-5F42-4FE2-8993-64F99282E680}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [UDP Query User{C35FA939-86A0-4E6B-9AAF-B4DCD5E7102C}C:\program files\1&1\fboxupd.exe] => (Allow) C:\program files\1&1\fboxupd.exe
FirewallRules: [{3A9FC52B-A777-4ABC-ABAF-DF0880AD4A4E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{257885B6-6087-4E56-861F-72F48D255233}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{7D264A39-5051-4918-A99E-F3EBE90AD86F}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{F428979F-E951-4291-A592-369F7760DF42}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{4DA75E71-DD81-4198-B34A-64F14B9DA25E}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{9033FD3A-8909-4C19-8130-4AF6CB8A2296}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E45CB4B1-E05C-4C78-9A1A-4B5AA6D03B9C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1\WNt500x86\RpcSandraSrv.exe
FirewallRules: [{27FF653E-2A0D-4C5D-8401-30DB0FB5BB27}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{B7891E7C-022C-47E0-AA42-FACA7E4B6B2E}] => (Allow) C:\Program Files\Software4u\iDevice Manager\Software4u.IDeviceManager.exe
FirewallRules: [{4FFA83CB-C837-4B93-87FC-FE0FDAE91AC6}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DBBF42D8-C004-414B-B6D5-6819FC95219F}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe
FirewallRules: [UDP Query User{180E934D-78A8-4E31-BA12-CAE8FEF7D41D}C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe] => (Block) C:\program files\antibrowserspy\antibrowserspy-ie-socialblock.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/25/2015 03:14:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SoftwareUpdate.exe, Version 2.1.3.127 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fac

Startzeit: 01d0deac169c70a2

Endzeit: 249

Anwendungspfad: C:\Program Files\Apple Software Update\SoftwareUpdate.exe

Berichts-ID: 85c62676-4ac6-11e5-a630-70f39553e7b7

Error: (08/24/2015 06:16:02 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/24/2015 06:16:02 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/22/2015 03:41:40 PM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Crawlbereich befindet (Fehler=0x80010108).

Error: (08/22/2015 03:41:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SnippingTool.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1bcc

Startzeit: 01d0dcbae9081514

Endzeit: 312

Anwendungspfad: C:\windows\system32\SnippingTool.exe

Berichts-ID: 71b49f35-48d3-11e5-b821-70f39553e7b7

Error: (08/16/2015 09:34:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224
Name des fehlerhaften Moduls: avkhttp.dll, Version: 25.0.14079.176, Zeitstempel: 0x532a4adc
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0008cf92
ID des fehlerhaften Prozesses: 0x140
Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0
Pfad der fehlerhaften Anwendung: AVKProxy.exe1
Pfad des fehlerhaften Moduls: AVKProxy.exe2
Berichtskennung: AVKProxy.exe3

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 06:40:22 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.

Error: (08/16/2015 01:27:12 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext: Anwendung, SystemIndex Katalog

Error: (08/03/2015 10:00:56 AM) (Source: MsiInstaller) (EventID: 11606) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1606.Could not access network location %APPDATA%\.


Systemfehler:
=============
Error: (08/24/2015 06:46:58 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "S:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (08/24/2015 06:04:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/23/2015 11:06:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (08/23/2015 10:16:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/23/2015 10:15:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv.dll

Error: (08/23/2015 10:15:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv.dll

Error: (08/23/2015 10:15:48 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst G Data Personal Firewall konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (08/23/2015 10:15:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv.dll

Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Wireless Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/23/2015 10:09:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (06/27/2015 03:38:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2068 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/02/2015 12:31:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2364 seconds with 2160 seconds of active time. This session ended with a crash.

Error: (12/07/2014 01:12:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8854 seconds with 1680 seconds of active time. This session ended with a crash.

Error: (11/06/2014 10:05:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 669 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/18/2014 11:01:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47515 seconds with 18060 seconds of active time. This session ended with a crash.

Error: (10/06/2014 10:23:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19835 seconds with 5880 seconds of active time. This session ended with a crash.

Error: (07/28/2014 04:11:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29534 seconds with 16380 seconds of active time. This session ended with a crash.

Error: (07/07/2014 08:46:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7323 seconds with 2940 seconds of active time. This session ended with a crash.

Error: (05/24/2014 11:03:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1296 seconds with 360 seconds of active time. This session ended with a crash.

Error: (03/15/2014 09:57:56 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 7475 seconds with 300 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II P320 Dual-Core Processor
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 2812.56 MB
Verfügbarer physikalischer RAM: 1474.49 MB
Summe virtueller Speicher: 5923.43 MB
Verfügbarer virtueller Speicher: 3397.91 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:72.29 GB) (Free:1.93 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Daten) (Fixed) (Total:137 GB) (Free:11.48 GB) NTFS
Drive e: (Nebentätigkeit) (Fixed) (Total:71.5 GB) (Free:12.84 GB) NTFS
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32
Drive g: (SH_SICHERHEIT2015) (CDROM) (Total:5.26 GB) (Free:0 GB) UDF
Drive k: (Alice) (Fixed) (Total:140.39 GB) (Free:136.15 GB) NTFS
Drive l: (Doris) (Fixed) (Total:140.34 GB) (Free:135.54 GB) NTFS
Drive m: (Medien) (Fixed) (Total:1002.22 GB) (Free:573.51 GB) NTFS
Drive n: (Nicolas) (Fixed) (Total:290.12 GB) (Free:223.53 GB) NTFS
Drive o: (Wilfried) (Fixed) (Total:289.95 GB) (Free:235.65 GB) NTFS
Drive s: (Spiegel HP625-C) (Fixed) (Total:74.79 GB) (Free:0 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive u: (Datensicherung) (Fixed) (Total:856.72 GB) (Free:294.17 GB) NTFS
Drive w: (EBLING-ExtFP) (Fixed) (Total:135.02 GB) (Free:4.06 GB) NTFS
Drive x: (Alice-ExtFP) (Fixed) (Total:89.25 GB) (Free:12.09 GB) NTFS
Drive y: (Nicolas-ExtFP) (Fixed) (Total:134.62 GB) (Free:16.54 GB) NTFS
Drive z: (Medien-ExtFP) (Fixed) (Total:572.62 GB) (Free:144.52 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 57E5C010)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=300 MB) - (Type=42)
Partition 3: (Not Active) - (Size=72.3 GB) - (Type=42)
Partition 4: (Not Active) - (Size=225.5 GB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 1612BA47)
Partition 1: (Not Active) - (Size=74.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=856.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 000DEB38)
Partition 1: (Active) - (Size=135 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=134.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=89.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=572.6 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 0A0BD758)
Partition 1: (Active) - (Size=140.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1722.6 GB) - (Type=OF Extended)

==================== Ende vom FRST.txt ============================[CODE]

Alt 25.08.2015, 11:47   #14
schrauber
/// the machine
/// TB-Ausbilder
 

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Standard

C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren



Java und Adobe updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Program Files\PDFCreator\PDFCreator-1_2_3_setup.exe

C:\Users\Ebling\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx

C:\Users\Ebling\Desktop\wzmp_10.exe
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren
appdata, bildschirm, bli, blink, blinkt, ebook, fenster, folge, folgendes, guten, handel, hinweis, hochfahren, notebook, roaming, stelle, tagen, users, users\name\appdata\roaming\update-1\um.exe, windows, windows 7, wissen, würde, zusammen, öffnet



Ähnliche Themen: C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren


  1. Windows7 141861-problem-beim-starten-c-users-benutzer-appdata-roaming-babsolution-shared-enhancednt-dll.html
    Plagegeister aller Art und deren Bekämpfung - 01.02.2015 (16)
  2. problem beim starten von c users appdata roaming newnext.me nengine.dll
    Log-Analyse und Auswertung - 11.04.2014 (1)
  3. Lästiges Ding unter users\appdata\roaming
    Log-Analyse und Auswertung - 15.03.2014 (13)
  4. Problem beim Starten. C:\Users\Benutzer\AppData\Roaming\BabSolution\Shared\EnhancedNT.dll
    Plagegeister aller Art und deren Bekämpfung - 18.10.2013 (15)
  5. C:\Users\didi\AppData\Roaming\skype.dat
    Log-Analyse und Auswertung - 30.09.2013 (2)
  6. Online- Banking gesperrt! Trojan.FakeAlert.Gen & Trojan.ZbotR.Gen in (C:\Users\\AppData\Temp & C:\Users\\AppData\Roaming\Osje\rutaap.exe)
    Log-Analyse und Auswertung - 06.02.2013 (1)
  7. RunDll Probleme beim Starten von C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\unicode2.nls
    Log-Analyse und Auswertung - 10.12.2012 (1)
  8. RunDLL Probleme beim Starten von C:\users\***\AppData\Roaming\pndeb.dll & AppData\Local\powstak.dll
    Plagegeister aller Art und deren Bekämpfung - 22.10.2012 (5)
  9. Viren in C:\Users\***\AppData\Roaming\BAcroIEHelpe*.dll
    Plagegeister aller Art und deren Bekämpfung - 28.08.2012 (5)
  10. TR/Ransom.EB.28 in C:\Users\***\AppData\Roaming\Microsoft\torrent.exe
    Log-Analyse und Auswertung - 30.07.2012 (8)
  11. TR/Dropper.VB.Gen in C:\Users\Julia\AppData\Roaming... gefunden
    Log-Analyse und Auswertung - 07.07.2012 (2)
  12. Sonderbare Ordner in C:\users\.......\appData\Roaming
    Log-Analyse und Auswertung - 05.03.2012 (9)
  13. c:\Users\Name\AppData\Roaming\acroiehelpe050.dll
    Log-Analyse und Auswertung - 05.12.2011 (15)
  14. Trojan.Gen in C:\Users\***\AppData\Roaming\default\svchost.exe
    Plagegeister aller Art und deren Bekämpfung - 12.08.2010 (7)
  15. TR/Spy.Zb.aaw.14997 in C:\Users\ICH\appdata\Roaming\...
    Plagegeister aller Art und deren Bekämpfung - 11.07.2010 (17)
  16. Users/***/Appdata/Roaming/Winlogon.exe
    Log-Analyse und Auswertung - 04.07.2010 (7)
  17. 'C:\Users\***\AppData\Roaming\install\svchost.exe'
    Plagegeister aller Art und deren Bekämpfung - 08.06.2010 (6)

Zum Thema C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren - Guten Tag zusammen, seit einigen Tagen öffnet sich beim Hochfahren von Windows 7 ein "Dos-Fenster", bei dem oben im Rahmen Folgendes steht: "C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe" (Anstelle Name steht mein Name, anstelle des - C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren...
Archiv
Du betrachtest: C:\Users\Name\AppData\Roaming\UPDATE-1\UM.exe - Fenster öffnet sich beim Hochfahren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.