Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 11.08.2015, 20:18   #1
suYincheN
 
Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Standard

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus



Guten Tag,

vorhin hatte sich meine Geschwindigkeit beim surfen rapide verlangsamt.
Ich bekam im Browser eine IPv4 Meldung von Google, welches auf "viele Zugriffe" aus dem Netz hinweisen wollte. Als IP bekam ich angezeigt: 190.151.10.226

Laut Internet soll das wohl ein Bot sein?

Zur Info: ESET Smart Security 8 + MBAM Premium aktiv.

Gruß Chris

Siehe Logs:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:51 on 11/08/2015 (Christian)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-11 21:10:53
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\00000025 M4-CT256M4SSD2 rev.070H 238,47GB
Running: Gmer-19357.exe; Driver: C:\Users\CHRIST~1\AppData\Local\Temp\fwryipow.sys


---- User code sections - GMER 2.1 ----

.text    C:\Windows\System\HsMgr64.exe[5900] C:\Windows\SYSTEM32\combase.dll!CoCreateInstance                                                                                                                                                                                        00007ff87bb4d050 7 bytes JMP 00007ff97b9800d8
.text    C:\Windows\System\HsMgr64.exe[5900] C:\Windows\SYSTEM32\combase.dll!CoCreateInstanceEx                                                                                                                                                                                      00007ff87bb71340 7 bytes JMP 00007ff97b980110
.text    C:\Windows\System\HsMgr64.exe[5900] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundCreate8                                                                                                                                                                                       00007ff8604cc7c0 5 bytes JMP 00007ff87b980180
.text    C:\Windows\System\HsMgr64.exe[5900] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundCaptureCreate8                                                                                                                                                                                00007ff8604d0b50 7 bytes JMP 00007ff87b9805a8
.text    C:\Windows\System\HsMgr64.exe[5900] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundCaptureCreate                                                                                                                                                                                 00007ff8604e7f30 7 bytes JMP 00007ff87b980570
.text    C:\Windows\System\HsMgr64.exe[5900] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundCreate                                                                                                                                                                                        00007ff8604e8050 7 bytes JMP 00007ff87b980148
.text    C:\Windows\System\HsMgr64.exe[5900] C:\Windows\SYSTEM32\DSOUND.dll!DirectSoundFullDuplexCreate                                                                                                                                                                              00007ff8604e8170 5 bytes JMP 00007ff87b9805e0

---- Threads - GMER 2.1 ----

Thread   C:\Windows\system32\csrss.exe [632:656]                                                                                                                                                                                                                                     fffff960009ad2d0
---- Processes - GMER 2.1 ----

Process  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (FILE NOT FOUND)                                                                                                        0000000001220000
Library  c:\users\christ~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpej5y3l.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912](2015-08-11 18:37:44)                                                  000000005a600000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24)                     0000000059f30000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\icuin55.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (ICU I18N DLL/The ICU Project)(2015-07-30 16:36:57)                                                                     000000004a900000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\icuuc55.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (ICU Common DLL/The ICU Project)(2015-07-30 16:36:57)                                                                   0000000006210000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\icudt55.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (ICU Data DLL/The ICU Project)(2015-07-30 16:36:57)                                                                     0000000058340000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)                  0000000057eb0000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      0000000057a70000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                  00000000578d0000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                   00000000568b0000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                    0000000056660000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      00000000563f0000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5WebChannel.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-07-30 16:36:57)               00000000563d0000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                      00000000563a0000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)            0000000056360000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)             0000000056310000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)                   00000000562c0000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  00000000561d0000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:30)  0000000056190000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912](2015-03-04 21:45:30)                                                                                   000000005df30000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912](2015-03-04 21:45:30)                                                                     0000000054b70000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912](2015-07-30 16:36:58)                                                                        0000000054b50000
Library  C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll (*** suspicious ***) @ C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe [6912](2015-03-04 21:45:30)                                                                              0000000059f20000

---- Disk sectors - GMER 2.1 ----

Disk     \Device\Harddisk1\DR1                                                                                                                                                                                                                                                       unknown MBR code

---- EOF - GMER 2.1 ----
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 11.08.2015
Suchlaufzeit: 20:37
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.11.06
Rootkit-Datenbank: v2015.08.06.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Name

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 353743
Abgelaufene Zeit: 7 Min., 12 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

Alt 11.08.2015, 20:19   #2
suYincheN
 
Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Standard

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:11-08-2015
durchgeführt von Christian (Administrator) auf CHRISDESKTOP (11-08-2015 21:03:47)
Gestartet von C:\Users\Christian\Downloads
Geladene Profile: Christian (Verfügbare Profile: Christian)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files\Everything\Everything.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\SysWOW64\HsMgr.exe
(CMedia) C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe
() C:\Windows\System\HsMgr64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
() C:\Program Files\Everything\Everything.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Polar Electro Oy) C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Secomba GmbH) C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(QIP) M:\#Programme\QIP 2012\qip.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Dropbox, Inc.) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(mIRC Co. Ltd.) M:\#Programme\gIRC\mirc.exe
(Telegram Messenger LLP) C:\Users\Christian\AppData\Roaming\Telegram Desktop\Telegram.exe
(Advanced Micro Devices Inc.) C:\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AgileBits) C:\Program Files (x86)\1Password 4\1Password.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [536576 2014-12-29] (Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [4859152 2015-07-29] (AgileBits)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe [1125376 2014-11-11] (Polar Electro Oy)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Dropbox Update] => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Boxcryptor.exe] => C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [2460424 2015-06-26] (Secomba GmbH)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Infium] => M:\#Programme\QIP 2012\qip.exe [8503280 2014-03-04] (QIP)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-05-28]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2015-07-27]
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe ()
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mirc - Verknüpfung.lnk [2015-07-05]
ShortcutTarget: mirc - Verknüpfung.lnk -> M:\#Programme\gIRC\mirc.exe (mIRC Co. Ltd.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2015-08-10]
ShortcutTarget: Telegram.lnk -> C:\Users\Christian\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
SSODL: EldosMountNotificator-cbfs4 - {1A0784DC-4CE3-4BC6-9318-6B5BAC32AA2F} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {1A0784DC-4CE3-4BC6-9318-6B5BAC32AA2F} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt"] -> {011F39D2-A764-419E-9479-69C93F6D37E0} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt2"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.IconOverlayBlocker.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {76212FC9-6D58-4922-AC6B-82A31D17104E} => C:\Windows\system32\cbfsMntNtf4.dll [2013-11-15] (EldoS Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt"] -> {011F39D2-A764-419E-9479-69C93F6D37E0} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt2"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.IconOverlayBlocker.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {76212FC9-6D58-4922-AC6B-82A31D17104E} => C:\Windows\SysWOW64\cbfsMntNtf4.dll [2013-11-15] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-3557826585-2545589941-765533996-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll [2015-07-29] (AgileBits)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll [2015-07-29] (AgileBits)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7EF60E29-A117-4FCD-B3D5-07222DAC1A17}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-03-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-03]
CHR Extension: (Duolingo on the Web) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-04-03]
CHR Extension: (Facebook Video Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2015-04-24]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-03]
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2015-04-03]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-03]
CHR Extension: (aklamio Cashbar) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bailoifpnpbamefjlgpcfebledceocbf [2015-04-03]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-04-03]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-03]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-03]
CHR Extension: (Telegram) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeibfljjno [2015-04-03]
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-03]
CHR Extension: (Tampermonkey) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-03]
CHR Extension: (busuu.com) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epadnjldocmkadjbopkanclaamocokoo [2015-04-03]
CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-03]
CHR Extension: (Web page captures from browser) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fomlbefjpamblimccfdomfgpgokdljcg [2015-04-03]
CHR Extension: (yingBar) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckfalecfdjjpbelmpfieecfdeapfoep [2015-04-03]
CHR Extension: (FoxyProxy Standard) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2015-04-03]
CHR Extension: (Desktop Notifications for Android) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni [2015-04-03]
CHR Extension: (Downloads - Your Download Box) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjihnjejboipjmadkpmknccijhibnpfe [2015-04-03]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-04-03]
CHR Extension: (Stealthy) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2015-04-03]
CHR Extension: (Dropbox) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-04-03]
CHR Extension: (Disconnect) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2015-04-03]
CHR Extension: (Image Search Options) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl [2015-04-03]
CHR Extension: (iGraal) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2015-04-03]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-04-03]
CHR Extension: (Momentum) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2015-04-03]
CHR Extension: (Evernote Web) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-04-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-03]
CHR Extension: (Capture Webpage Screenshot - FireShot) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-04-03]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2015-04-03]
CHR Extension: (Ghostery) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-04-03]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2015-04-03]
CHR Extension: (Hangouts) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-04-03]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2015-04-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-03]
CHR Extension: (eBay XXL-Photos) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndhjgnljmmablcpnppcdfbagielaiho [2015-04-03]
CHR Extension: (Enhanced Steam) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-04-03]
CHR Extension: (PAYBACK Internet Assistent für Google Chrome) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2015-04-03]
CHR Extension: (ModernDeck) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpfgdgddpnbjcbpofmdanfbbigocklj [2015-04-03]
CHR Extension: (Gutscheinsammler Finder) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilobbegphefikcgjpajnneiiahhejam [2015-04-03]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-05-28] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [754120 2015-07-29] (Garmin Ltd. or its subsidiaries)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2007048 2015-08-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-05] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [387776 2013-11-15] (EldoS Corporation)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [49872 2015-07-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2014-03-19] (Seiko Epson Corporation)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [18624 2013-11-15] (EldoS Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-11 21:02 - 2015-08-11 21:02 - 00380416 _____ C:\Users\Christian\Downloads\Gmer-19357.exe
2015-08-11 20:59 - 2015-08-11 21:03 - 00001184 _____ C:\Users\Christian\Desktop\mbam.txt
2015-08-11 20:52 - 2015-08-11 21:03 - 00044061 _____ C:\Users\Christian\Downloads\Addition.txt
2015-08-11 20:52 - 2015-08-11 21:03 - 00029543 _____ C:\Users\Christian\Downloads\FRST.txt
2015-08-11 20:52 - 2015-08-11 21:03 - 00000000 ____D C:\FRST
2015-08-11 20:52 - 2015-08-11 20:52 - 02172416 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2015-08-11 20:50 - 2015-08-11 20:50 - 00000000 _____ C:\Users\Christian\defogger_reenable
2015-08-11 20:49 - 2015-08-11 20:51 - 00000480 _____ C:\Users\Christian\Downloads\defogger_disable.log
2015-08-11 20:48 - 2015-08-11 20:48 - 00050477 _____ C:\Users\Christian\Downloads\Defogger.exe
2015-08-11 20:35 - 2015-08-11 20:35 - 00000000 _____ C:\Users\Christian\Desktop\190.151.10.226.txt
2015-08-11 19:38 - 2015-08-11 19:38 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-11 16:15 - 2015-08-11 16:16 - 00000000 ____D C:\Users\Christian\Downloads\Neuer Ordner
2015-08-11 13:58 - 2015-08-11 13:58 - 00000000 ____D C:\ProgramData\ATI
2015-08-10 12:39 - 2015-08-10 12:39 - 00003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2015-08-10 12:39 - 2015-08-10 12:39 - 00001917 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Garmin
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Garmin_Ltd._or_its_subsid
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\ProgramData\Garmin
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Program Files\DIFX
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-08-10 11:22 - 2015-08-10 11:22 - 00048947 _____ C:\Windows\SysWOW64\CCCInstall_201508101122310578.log
2015-08-10 11:22 - 2015-08-10 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-10 11:21 - 2015-08-10 11:21 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-08-10 11:14 - 2015-08-11 20:59 - 00564012 _____ C:\Windows\WindowsUpdate.log
2015-08-10 01:07 - 2015-08-10 01:07 - 00000752 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-08-10 01:07 - 2015-08-10 01:07 - 00000668 _____ C:\Users\Public\Desktop\WinSCP.lnk
2015-08-10 00:40 - 2015-08-10 00:40 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-08-10 00:40 - 2015-08-10 00:40 - 00000000 ____D C:\Users\Christian\AppData\Roaming\GHISLER
2015-08-09 22:34 - 2015-08-09 22:34 - 00000036 _____ C:\Users\Christian\Desktop\Ohne Titel.avi.sfl
2015-08-09 13:51 - 2015-08-09 14:19 - 00000000 ____D C:\Users\Christian\Desktop\GIGASET QV1030
2015-08-07 22:41 - 2015-08-07 22:41 - 00000014 _____ C:\Users\Christian\Desktop\g2a.txt
2015-08-05 00:20 - 2015-08-06 23:06 - 00000000 ____D C:\Windows\Minidump
2015-08-03 20:55 - 2015-08-03 20:55 - 00003364 _____ C:\Windows\System32\Tasks\Skype
2015-08-02 23:32 - 2015-08-02 23:39 - 00000000 ____D C:\Users\Christian\Desktop\Spende
2015-08-02 20:22 - 2015-08-02 20:22 - 00000000 ____D C:\Users\Christian\Desktop\Verkauf
2015-08-02 19:13 - 2015-08-11 20:40 - 00000000 ____D C:\Users\Christian\.rainlendar2
2015-08-02 19:13 - 2015-08-02 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2
2015-08-02 19:12 - 2015-08-02 19:13 - 00000000 ____D C:\Program Files\Rainlendar2
2015-08-02 18:46 - 2015-08-02 18:46 - 00000000 ____D C:\Users\Christian\AppData\Local\CEF
2015-08-02 16:23 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-02 16:23 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-02 16:23 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-02 16:23 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-02 16:23 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-02 16:23 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-02 16:23 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-02 16:23 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-01 18:05 - 2015-08-01 18:05 - 00000000 ____D C:\ProgramData\newbackup
2015-08-01 18:04 - 2015-08-01 18:04 - 00000000 ____D C:\ProgramData\rmbwizard
2015-08-01 18:04 - 2015-08-01 18:04 - 00000000 ____D C:\ProgramData\launcher
2015-08-01 18:03 - 2015-08-01 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Backup and Recovery™ 2014 Free
2015-08-01 18:03 - 2015-08-01 18:03 - 00000000 ____D C:\Program Files\Paragon Software
2015-08-01 18:02 - 2015-08-01 18:02 - 00000000 ____D C:\Users\Christian\AppData\Local\Downloaded Installations
2015-08-01 18:02 - 2015-08-01 18:02 - 00000000 ____D C:\ProgramData\explauncher
2015-07-29 05:44 - 2015-07-29 05:44 - 00458472 _____ C:\Windows\system32\amdmiracast.dll
2015-07-29 05:44 - 2015-07-29 05:44 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-07-29 05:44 - 2015-07-29 05:44 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-07-29 05:26 - 2015-07-29 05:26 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-07-29 05:15 - 2015-07-29 05:15 - 21622784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-07-29 05:09 - 2015-07-29 05:09 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-07-29 05:09 - 2015-07-29 05:09 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-07-29 05:08 - 2015-07-29 05:08 - 39714816 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-07-29 05:07 - 2015-07-29 05:07 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-29 05:07 - 2015-07-29 05:07 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-29 05:06 - 2015-07-29 05:06 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-07-29 05:05 - 2015-07-29 05:05 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-07-29 04:36 - 2015-07-29 04:36 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-07-29 04:33 - 2015-07-29 04:33 - 00093696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-07-29 04:33 - 2015-07-29 04:33 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-07-29 04:32 - 2015-07-29 04:32 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-07-29 04:30 - 2015-07-29 04:30 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00660928 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-07-29 04:30 - 2015-07-29 04:30 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-07-29 04:30 - 2015-07-29 04:30 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-07-29 04:30 - 2015-07-29 04:30 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-07-29 04:29 - 2015-07-29 04:29 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-07-29 04:28 - 2015-07-29 04:28 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-07-29 04:28 - 2015-07-29 04:28 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-07-29 04:26 - 2015-07-29 04:26 - 00672768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-07-29 04:26 - 2015-07-29 04:26 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-07-29 04:26 - 2015-07-29 04:26 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-07-29 04:25 - 2015-07-29 04:25 - 00246784 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-07-29 04:25 - 2015-07-29 04:25 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-07-29 04:24 - 2015-07-29 04:24 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-07-29 04:24 - 2015-07-29 04:24 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-07-29 04:23 - 2015-07-29 04:23 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-07-29 04:22 - 2015-07-29 04:22 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-07-29 04:19 - 2015-07-29 04:19 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-07-29 04:19 - 2015-07-29 04:19 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-07-28 19:10 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 22:18 - 2015-07-27 22:18 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AMD
2015-07-27 21:56 - 2015-08-11 20:37 - 00000000 ____D C:\Users\Christian\AppData\Roaming\FAHClient
2015-07-27 21:56 - 2015-07-27 21:56 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FAHClient
2015-07-27 21:56 - 2015-07-27 21:56 - 00000000 ____D C:\Program Files (x86)\FAHClient
2015-07-27 09:21 - 2015-07-27 09:21 - 00089104 _____ (Razer Inc) C:\Windows\system32\RazerCoinstaller.dll
2015-07-26 23:04 - 2015-07-26 23:06 - 00000000 ____D C:\Users\Christian\Desktop\FH Bewerbungen WiSe_2015
2015-07-25 13:56 - 2015-08-11 20:35 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Everything
2015-07-25 13:56 - 2015-07-25 13:56 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2015-07-25 13:56 - 2015-07-25 13:56 - 00000000 ____D C:\Program Files\Everything
2015-07-23 07:50 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-23 07:50 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-23 07:41 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-07-23 07:41 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-07-21 21:26 - 2015-07-23 18:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-07-21 18:45 - 2015-07-21 18:45 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Publish Providers
2015-07-21 18:42 - 2015-08-09 22:31 - 00000000 ____D C:\Users\Christian\Documents\Movie Studio Platinum 12.0 Projekte
2015-07-21 18:41 - 2015-07-21 18:42 - 00000000 ____D C:\Users\Christian\AppData\Local\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\ProgramData\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\Program Files\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\Program Files (x86)\Sony
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files\MSBuild
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-21 18:34 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-07-21 18:34 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-07-21 18:31 - 2015-07-21 18:54 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Sony
2015-07-21 17:17 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 17:17 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 17:17 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 17:17 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 22:53 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-20 22:53 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-20 22:53 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-20 22:53 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-15 19:51 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 19:51 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 19:51 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 19:51 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 19:51 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 19:51 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 19:51 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 19:51 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 19:51 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 19:51 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 19:51 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 19:51 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 19:51 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 19:51 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 19:50 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 19:50 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 19:50 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 19:50 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 19:50 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 19:50 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 19:50 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 19:50 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 19:50 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 19:50 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 19:50 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 19:50 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 19:50 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 19:50 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 19:50 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 19:50 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 19:50 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 19:50 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 19:50 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 19:49 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 19:49 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 19:49 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 19:49 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 19:49 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 19:49 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 19:49 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 19:49 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 19:49 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 19:49 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 19:49 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-07-15 19:48 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 19:48 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 19:48 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 19:48 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 19:48 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 19:48 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 19:48 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 19:48 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 19:48 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 19:48 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 19:48 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 19:48 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 19:48 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 19:48 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 19:48 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 19:48 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 19:48 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 19:48 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 19:48 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 19:48 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 19:48 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 19:48 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 19:48 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 19:48 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 19:48 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 19:48 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 19:48 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 19:48 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 19:48 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 19:48 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 19:48 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 19:48 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 19:48 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 19:48 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 19:48 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 19:48 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 19:48 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 19:48 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 19:48 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 19:48 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 19:48 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 19:48 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 19:48 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:20 - 2015-07-15 12:20 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-07-15 12:20 - 2015-07-15 12:20 - 00102912 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWB6.sys
2015-07-14 20:35 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-14 20:35 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-14 20:35 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-14 20:35 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-14 20:35 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-14 20:35 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-14 20:35 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-14 20:35 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-14 20:35 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-14 20:35 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-14 20:35 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-14 20:35 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-14 20:35 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 20:35 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-14 20:35 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-14 20:35 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-14 20:35 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 20:35 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-14 20:35 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 20:35 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-14 20:35 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-14 20:35 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-14 20:35 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-14 20:35 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-14 20:35 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-14 20:35 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-14 20:35 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-14 20:35 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-14 20:35 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-13 19:19 - 2015-07-13 19:19 - 00053787 _____ C:\Windows\SysWOW64\CCCInstall_201507131919386011.log
2015-07-13 19:19 - 2015-07-13 19:19 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-13 17:19 - 2015-07-13 17:19 - 00169152 _____ C:\Windows\system32\ativce03.dat
2015-07-13 17:19 - 2015-07-13 17:19 - 00167456 _____ C:\Windows\system32\amde31a.dat
2015-07-13 09:34 - 2015-07-13 09:34 - 00200920 _____ (Razer Inc) C:\Windows\system32\Drivers\rzudd.sys
2015-07-13 09:34 - 2015-07-13 09:34 - 00049872 _____ (Razer Inc) C:\Windows\system32\Drivers\rzendpt.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-11 21:04 - 2015-05-18 19:04 - 00000945 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {138DC8C1-9376-4B23-B6AD-BB2F375DE385}.job
2015-08-11 21:04 - 2015-05-18 19:04 - 00000759 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {138DC8C1-9376-4B23-B6AD-BB2F375DE385}.job
2015-08-11 21:04 - 2015-04-11 16:43 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Nitro PDF
2015-08-11 21:02 - 2015-04-03 15:40 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-11 21:02 - 2015-04-03 15:40 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-11 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-11 21:01 - 2015-04-03 16:26 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AgileBits
2015-08-11 20:55 - 2015-06-14 17:44 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2015-08-11 20:50 - 2015-04-03 15:36 - 00000000 ____D C:\Users\Christian
2015-08-11 20:49 - 2015-04-03 16:19 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ClassicShell
2015-08-11 20:45 - 2015-04-03 15:36 - 00000000 ____D C:\Users\Christian\AppData\Local\VirtualStore
2015-08-11 20:43 - 2014-09-24 08:16 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-11 20:43 - 2014-09-24 07:43 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-08-11 20:43 - 2014-09-24 07:43 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-08-11 20:40 - 2015-05-16 01:44 - 00000000 ____D C:\Users\Christian\AppData\Roaming\mIRC
2015-08-11 20:37 - 2015-04-13 22:26 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-11 20:37 - 2015-04-03 16:24 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Dropbox
2015-08-11 20:37 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-11 20:36 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-11 20:35 - 2015-06-12 22:25 - 00001266 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001UA.job
2015-08-11 20:16 - 2015-04-03 15:41 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3557826585-2545589941-765533996-1001
2015-08-11 20:09 - 2015-04-03 17:52 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{27C6D7FB-4289-49E3-A0CE-D5E22103A395}
2015-08-11 14:01 - 2015-05-28 20:28 - 00000000 ____D C:\Users\Christian\AppData\Local\Adobe
2015-08-10 13:35 - 2015-06-12 22:25 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001Core.job
2015-08-10 12:39 - 2015-04-03 15:42 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-10 11:50 - 2015-04-03 23:30 - 00000000 ____D C:\Users\Christian\Desktop\Sortieren
2015-08-10 11:22 - 2015-04-03 15:41 - 00000000 ____D C:\AMD
2015-08-10 01:07 - 2015-04-13 23:44 - 00000600 _____ C:\Users\Christian\AppData\Roaming\winscp.rnd
2015-08-09 22:47 - 2015-04-04 22:27 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2015-08-07 00:31 - 2015-05-05 18:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-08-06 19:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-06 19:37 - 2015-04-03 15:36 - 00000000 ____D C:\Users\Christian\AppData\Local\Packages
2015-08-03 00:20 - 2015-04-03 18:00 - 00000000 ____D C:\ProgramData\Origin
2015-08-02 16:23 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-02 16:22 - 2015-05-16 17:11 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-08-02 16:03 - 2013-03-31 17:20 - 00001371 _____ C:\Users\Christian\Desktop\Systemwiederherstellung.lnk
2015-08-02 11:01 - 2015-05-16 17:11 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-08-01 12:22 - 2015-04-03 15:44 - 00000000 ____D C:\Program Files (x86)\Razer
2015-07-30 18:36 - 2015-04-03 16:22 - 00000000 ____D C:\Program Files (x86)\1Password 4
2015-07-29 05:42 - 2015-03-19 06:15 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-07-29 05:42 - 2015-03-19 06:15 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-07-29 05:42 - 2014-07-21 22:04 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-07-29 05:42 - 2014-07-21 22:04 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-07-29 05:41 - 2014-07-21 22:04 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-07-29 05:41 - 2014-07-21 22:04 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-07-29 05:41 - 2014-07-21 22:04 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-07-29 05:40 - 2015-03-19 06:14 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-07-29 05:40 - 2014-07-21 22:04 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-07-29 05:40 - 2014-07-21 22:04 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-07-29 05:39 - 2015-03-19 06:14 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-07-29 05:39 - 2015-03-19 06:14 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-07-29 04:26 - 2015-03-19 04:04 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-07-29 04:22 - 2015-03-19 03:40 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-07-29 04:17 - 2015-06-23 03:21 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-07-28 22:07 - 2015-04-03 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-28 21:05 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT
2015-07-28 21:00 - 2015-04-03 16:31 - 00000000 ____D C:\Windows\Panther
2015-07-25 15:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-25 13:39 - 2015-05-16 22:38 - 00000000 ____D C:\Program Files\CCleaner
2015-07-25 13:37 - 2015-04-03 16:44 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 07:54 - 2015-05-17 13:55 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-21 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-07-21 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\MUI
2015-07-20 18:25 - 2015-05-25 11:16 - 00000000 ____D C:\Users\Christian\AppData\Local\Greenshot
2015-07-19 13:30 - 2015-06-12 22:25 - 00004220 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001UA
2015-07-19 13:30 - 2015-06-12 22:25 - 00003840 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001Core
2015-07-17 19:38 - 2015-04-03 16:44 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 20:57 - 2015-04-03 15:40 - 00004116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 20:57 - 2015-04-03 15:40 - 00003880 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 23:38 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 23:38 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 23:38 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 23:34 - 2015-04-03 15:57 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 19:45 - 2015-04-03 16:39 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 19:45 - 2014-09-24 09:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-13 23:10 - 2014-09-24 09:43 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2014-09-24 09:43 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-13 19:18 - 2015-04-03 15:41 - 00000000 ____D C:\Program Files\AMD
2015-07-13 19:16 - 2015-06-14 17:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-13 19:16 - 2015-06-14 17:44 - 00000000 ____D C:\ProgramData\Skype
2015-07-12 16:25 - 2015-07-11 21:30 - 00000448 __RSH C:\ProgramData\ntuser.pol

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-13 23:44 - 2015-08-10 01:07 - 0000600 _____ () C:\Users\Christian\AppData\Roaming\winscp.rnd
2015-04-12 00:45 - 2015-06-16 23:24 - 0000600 _____ () C:\Users\Christian\AppData\Local\PUTTY.RND

Einige Dateien in TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpej5y3l.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-06 19:19

==================== Ende von Ergebnis ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:11-08-2015
durchgeführt von Christian (2015-08-11 21:04:10)
Gestartet von C:\Users\Christian\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3557826585-2545589941-765533996-500 - Administrator - Disabled)
Alexander (S-1-5-21-3557826585-2545589941-765533996-1003 - Limited - Enabled)
Christian (S-1-5-21-3557826585-2545589941-765533996-1001 - Administrator - Enabled) => C:\Users\Christian
Gast (S-1-5-21-3557826585-2545589941-765533996-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1Password 4.6.0.584 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits)
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{DA9FFDE7-5474-DE51-8729-76A31DB5682B}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS Xonar DX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version:   - ASUSTeK Computer Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
Boxcryptor 2.1 (HKLM-x32\...\{1981BB13-D371-48B4-96C3-83BD9BEFEE12}) (Version: 2.1.417.123 - Secomba GmbH)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5642 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.78.0.2015 - Georgy Berdyshev)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Dropbox (HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
Elevated Installer (x32 Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version:  - SEIKO EPSON Corporation)
ESET Smart Security (HKLM\...\{7BB8ADC6-BA3A-4757-9BE8-4485C651C99C}) (Version: 8.0.312.3 - ESET, spol s r. o.)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
FAHClient (HKLM-x32\...\FAHClient) (Version: 7.4.4 - Stanford University)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gamers.IRC 6.07 (HKLM-x32\...\Gamers.IRC) (Version:  - )
Garmin Express (HKLM-x32\...\{42f02a91-da9c-48e1-8dc5-37f4449db969}) (Version: 4.1.5.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
GhostMouse (HKLM-x32\...\GhostMouse_is1) (Version: Free V3.1 - AutomaticSolution Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Greenshot 1.2.4.10 (HKLM\...\Greenshot_is1) (Version: 1.2.4.10 - Greenshot)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 4.3.7.2 (HKLM-x32\...\{8ED4A1FC-56CF-414C-A9AB-A37714AA9EA7}) (Version: 4.3.7.2 - The Document Foundation)
LiveUSB Creator (remove only) (HKLM-x32\...\LiveUSB Creator) (Version:  - )
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4737.1003 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{6C3C3A70-958D-11E2-B0E5-F04DA23A5C58}) (Version: 12.0.896 - Sony)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 38.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.1.0 (x86 de)) (Version: 38.1.0 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
Nitro Reader 3 (HKLM\...\{47220B83-D895-4262-9227-E5D8FA7F7384}) (Version: 3.5.2.10 - Nitro)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Polar FlowSync Version 2.3.8 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.3.8 - Polar Electro Oy)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.25502 - Razer Inc.)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
Telegram Desktop version 0.8.48 (HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinSCP 5.7.5 (HKLM-x32\...\winscp3_is1) (Version: 5.7.5 - Martin Prikryl)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3557826585-2545589941-765533996-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

21-07-2015 18:33:52 Windows Modules Installer
26-07-2015 13:53:06 Windows Update
26-07-2015 23:05:00 test
30-07-2015 19:16:57 Windows Update
01-08-2015 18:03:18 Installiert Paragon Backup and Recovery™ 2014 Free.
02-08-2015 16:03:09 Test
06-08-2015 19:19:32 Windows Update
10-08-2015 12:24:51 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {16157B6A-4B7E-46BA-80EB-BC88C0EA77F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)
Task: {2CCAC52B-EA3B-4D4B-BF3F-46B41066BCF4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {360C60DB-B185-43B8-9827-C3CA23C9550C} - System32\Tasks\AdobeAAMUpdater-1.0-ChrisDesktop-Christian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {61B4CFE3-1CFD-4B01-B8B6-5ED7BBDD2A18} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001UA => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {67D4A2CE-3FF9-42A0-A485-7313BF34F18E} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {138DC8C1-9376-4B23-B6AD-BB2F375DE385} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {71211321-888E-4275-B8E0-C5AB5D95D437} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {87232722-8846-48D5-9EB3-30ADA03FB8DF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001Core => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {8B27E65B-120F-411C-8425-F88A2B27F94B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-07-29] ()
Task: {909B3163-6960-457B-87F0-2E262EE468C8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {9814A1F6-1997-4CD3-AD68-5B453B5CE006} - System32\Tasks\Skype => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29] (Skype Technologies S.A.)
Task: {B846E6DF-0F77-433E-B2F8-6D13E884653A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {BE8374A3-1CF5-4EE5-8A21-AFDC5EE9FF5A} - System32\Tasks\EPSON XP-412 413 415 Series Update {138DC8C1-9376-4B23-B6AD-BB2F375DE385} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {C69D90D1-B104-433D-968B-D5A6CA99CB5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001Core.job => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001UA.job => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {138DC8C1-9376-4B23-B6AD-BB2F375DE385}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {138DC8C1-9376-4B23-B6AD-BB2F375DE385}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{138DC8C1-9376-4B23-B6AD-BB2F375DE385} /F:UpdateWORKGROUP\CHRISDESKTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-29 19:00 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-07-25 13:56 - 2014-08-06 03:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe
2015-04-04 23:04 - 2015-04-05 13:58 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-04-03 23:21 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2015-04-03 23:21 - 2008-07-11 16:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe
2015-05-04 21:25 - 2015-05-04 21:25 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 04411488 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe
2012-05-16 21:12 - 2012-05-16 21:12 - 00179200 _____ () C:\Program Files\Rainlendar2\lua52.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 00324608 _____ () C:\Program Files\Rainlendar2\libical.dll
2014-03-16 19:42 - 2014-03-16 19:42 - 00082528 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2014-03-14 12:24 - 2014-03-14 12:24 - 00080384 _____ () C:\Program Files\Rainlendar2\libicalss.dll
2014-03-16 19:44 - 2014-03-16 19:44 - 00346208 _____ () C:\Program Files\Rainlendar2\plugins\GoogleCalendarPlugin.dll
2012-06-17 15:21 - 2012-06-17 15:21 - 00015360 _____ () C:\Program Files\Rainlendar2\lfs.dll
2015-04-03 23:21 - 2012-06-06 10:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll
2015-08-04 21:03 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
2015-08-04 21:03 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll
2015-05-05 18:30 - 2014-11-11 10:19 - 01703424 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll
2015-05-05 18:30 - 2013-08-25 20:52 - 00048128 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libEGL.dll
2015-05-05 18:30 - 2013-08-25 20:52 - 00728576 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\libGLESv2.dll
2015-05-05 18:30 - 2013-08-25 20:59 - 00833024 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\platforms\qwindows.dll
2012-12-29 21:58 - 2014-03-04 14:28 - 01072624 _____ () M:\#Programme\QIP 2012\Protos\InfICQ\InfICQ.dll
2012-12-29 21:58 - 2014-03-04 14:28 - 00519152 _____ () M:\#Programme\QIP 2012\Protos\MRA\MRA.dll
2012-12-29 21:58 - 2014-03-04 14:28 - 00881136 _____ () M:\#Programme\QIP 2012\Protos\Social\Social.dll
2012-12-29 21:58 - 2014-03-04 14:27 - 04663792 _____ () M:\#Programme\QIP 2012\Core\voip.dll
2015-08-11 20:37 - 2015-08-11 20:37 - 00071168 _____ () c:\Users\Christian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpej5y3l.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 18:36 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-04-03 16:22 - 2015-04-28 10:50 - 00376832 _____ () C:\Program Files (x86)\1Password 4\js3215R.dll
2006-11-11 20:10 - 2006-11-11 20:10 - 00025600 _____ () C:\Users\Christian\AppData\Roaming\mIRC\bin\dll\tbwin.dll
2015-07-21 21:26 - 2015-07-21 21:26 - 00153712 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-07-21 21:26 - 2015-07-21 21:26 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3557826585-2545589941-765533996-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img3.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{A0E68A8A-C78D-4C70-A7EE-0D162756C7F4}] => (Allow) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{07CDD1C2-347C-4682-B569-CD0A2DCDFE87}] => (Allow) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{82BC5B3F-8893-48C7-8C95-6D781B26687F}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{0E94E070-401E-4501-B553-C083F3D8AB7C}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{34D4BE86-6947-4D54-A57A-9D31DEE3FACF}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{F1F93A5D-6A20-4355-AEC2-8F5F74C8ACC3}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{9A7FA505-CCA9-44B6-BDDB-A257BE4EA0BA}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{C1F43AD8-7FFF-4424-86D3-AC66FCB325C7}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{090F91A5-106C-4519-B0A1-130D2A20C163}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{2478147D-14F0-4866-879A-6C1FC0455B7D}] => (Allow) E:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe
FirewallRules: [{4D6A8492-A0D4-405C-80C3-114DB3E7BD64}] => (Allow) E:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{CB08137B-B0EC-442A-A352-F87EEDECA8B9}] => (Allow) E:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{8BB001E8-03D4-4E04-B235-954AF4DCF97A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{56C8E8F4-7BCB-427C-8113-48620E034A3E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C09CC13A-620D-4770-9D7E-AF6B1FF22529}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1E358811-DD67-4957-88F5-E7005C23012E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5B5DB8A3-F067-4396-8D53-186D14EDCCAE}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{22D509F2-7D06-49D1-959D-35923E3B4071}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{92404180-7B77-4D06-90CB-E908DC2ECD3D}] => (Allow) LPort=5354
FirewallRules: [{F6DF705A-2EC2-4775-B821-FD2490B0AF69}] => (Allow) LPort=5354
FirewallRules: [{8E37C1E9-EE69-4129-ADEC-49E4AA839370}] => (Allow) LPort=5354
FirewallRules: [{5814DC48-BE90-41DD-B8BB-FA2211AC9EAD}] => (Allow) LPort=5354
FirewallRules: [{FA797CB9-4ED1-4F1A-AAF2-4938772E3F76}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E701014E-3EDF-4DD5-8D8F-E206ACD221C3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AECB17C-AC72-4472-A098-36ECE65E34C8}] => (Allow) E:\Steam\steamapps\common\Half-Life 2 Update\hl2.exe
FirewallRules: [{77D12322-64F8-44E2-8C75-75A4326CC830}] => (Allow) E:\Steam\steamapps\common\Half-Life 2 Update\hl2.exe
FirewallRules: [{22D5DAE6-E98C-4E0E-A447-687DB8C99B29}] => (Allow) C:\Users\Christian\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{05CFF6F2-D465-4E29-B28B-2D18849EF81A}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{626115C0-61BC-4BF9-BC49-F55D57A85743}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{BD8D8B4F-7C99-4844-9F68-8581F27F5AA1}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B1FC601C-F92C-40C2-B7FC-0E97DACC58AD}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{F5017239-9C6D-41D3-B848-E8EBA594CD1A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3C0C6172-3EB4-4589-8690-65E7899A80CC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{90399C66-CA74-41B8-9C8F-08613D13EFAD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9ADCE691-B4D9-4F69-9E37-F6CD05563469}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{770F3DDC-5131-4BAE-9216-2D0D26B68C7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/11/2015 08:37:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000008
Fehleroffset: 0x000000000009310a
ID des fehlerhaften Prozesses: 0x8e0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5

Error: (08/11/2015 07:57:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FahCore_a4.exe, Version: 0.0.0.0, Zeitstempel: 0x4d23eafc
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xffffff9c
ID des fehlerhaften Prozesses: 0x8008
Startzeit der fehlerhaften Anwendung: 0xFahCore_a4.exe0
Pfad der fehlerhaften Anwendung: FahCore_a4.exe1
Pfad des fehlerhaften Moduls: FahCore_a4.exe2
Berichtskennung: FahCore_a4.exe3
Vollständiger Name des fehlerhaften Pakets: FahCore_a4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FahCore_a4.exe5

Error: (08/11/2015 07:31:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/11/2015 05:59:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FahCore_a4.exe, Version: 0.0.0.0, Zeitstempel: 0x4d23eafc
Name des fehlerhaften Moduls: FahCore_a4.exe, Version: 0.0.0.0, Zeitstempel: 0x4d23eafc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00351762
ID des fehlerhaften Prozesses: 0x6960
Startzeit der fehlerhaften Anwendung: 0xFahCore_a4.exe0
Pfad der fehlerhaften Anwendung: FahCore_a4.exe1
Pfad des fehlerhaften Moduls: FahCore_a4.exe2
Berichtskennung: FahCore_a4.exe3
Vollständiger Name des fehlerhaften Pakets: FahCore_a4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FahCore_a4.exe5

Error: (08/11/2015 04:08:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IVssAsrWriterBackup::GetAsrMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070001, Unzulässige Funktion.
.


Vorgang:
   PrepareForBackup-Ereignis

Kontext:
   Ausführungskontext: ASR Writer
   Ausführungskontext: Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {5a2dcd85-7de2-47f5-80dc-a5070092cdb2}

Fehlerspezifische Details:
   ASR Writer: Unzulässige Funktion. (0x80070001)

Error: (08/11/2015 04:07:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/11/2015 04:07:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/11/2015 03:43:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "IVssAsrWriterBackup::GetAsrMetadata" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070001, Unzulässige Funktion.
.


Vorgang:
   PrepareForBackup-Ereignis

Kontext:
   Ausführungskontext: ASR Writer
   Ausführungskontext: Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {5a2dcd85-7de2-47f5-80dc-a5070092cdb2}

Fehlerspezifische Details:
   ASR Writer: Unzulässige Funktion. (0x80070001)

Error: (08/11/2015 03:42:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (08/11/2015 02:53:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (08/11/2015 08:51:36 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LENOVO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7EF60E29-A117-4FCD-B3D5-07222DAC1A17}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (08/11/2015 08:49:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro

Error: (08/11/2015 08:37:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/11/2015 08:36:45 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT-AUTORITÄT)
Description: A TCG Command has returned an error.
Desc: AuthenticateSession
Param1: 0x1
Param2: 0x60000001c
Param3: 0x900000006
Param4: 0x0
Status: 0x1

Error: (08/11/2015 08:10:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LENOVO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7EF60E29-A117-4FCD-B3D5-07222DAC1A17}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (08/11/2015 07:33:39 PM) (Source: DCOM) (EventID: 10010) (User: ChrisDesktop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/11/2015 07:33:08 PM) (Source: DCOM) (EventID: 10010) (User: ChrisDesktop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/11/2015 06:39:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: EPSON - Printers - EPSON XP-412 413 415 Series

Error: (08/11/2015 04:09:33 PM) (Source: DCOM) (EventID: 10010) (User: ChrisDesktop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/11/2015 04:09:02 PM) (Source: DCOM) (EventID: 10010) (User: ChrisDesktop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office:
=========================
Error: (08/11/2015 08:37:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_stisvc6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000008000000000009310a8e001d0d464ba204bc5C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllf88a68cc-4057-11e5-8272-bc5ff444a3ec

Error: (08/11/2015 07:57:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FahCore_a4.exe0.0.0.04d23eafcunknown0.0.0.000000000c0000005ffffff9c800801d0d44ebe1c52caC:\Users\Christian\AppData\Roaming\FAHClient\cores\web.stanford.edu\~pande\Win32\AMD64\Core_a4.fah\FahCore_a4.exeunknown624907d4-4052-11e5-8271-bc5ff444a3ec

Error: (08/11/2015 07:31:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (08/11/2015 05:59:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FahCore_a4.exe0.0.0.04d23eafcFahCore_a4.exe0.0.0.04d23eafcc000000500351762696001d0d449b3637749C:\Users\Christian\AppData\Roaming\FAHClient\cores\web.stanford.edu\~pande\Win32\AMD64\Core_a4.fah\FahCore_a4.exeC:\Users\Christian\AppData\Roaming\FAHClient\cores\web.stanford.edu\~pande\Win32\AMD64\Core_a4.fah\FahCore_a4.exefa6f183a-4041-11e5-8271-bc5ff444a3ec

Error: (08/11/2015 04:08:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: IVssAsrWriterBackup::GetAsrMetadata0x80070001, Unzulässige Funktion.


Vorgang:
   PrepareForBackup-Ereignis

Kontext:
   Ausführungskontext: ASR Writer
   Ausführungskontext: Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {5a2dcd85-7de2-47f5-80dc-a5070092cdb2}

Fehlerspezifische Details:
   ASR Writer: Unzulässige Funktion. (0x80070001)

Error: (08/11/2015 04:07:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (08/11/2015 04:07:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (08/11/2015 03:43:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: IVssAsrWriterBackup::GetAsrMetadata0x80070001, Unzulässige Funktion.


Vorgang:
   PrepareForBackup-Ereignis

Kontext:
   Ausführungskontext: ASR Writer
   Ausführungskontext: Writer
   Generatorklassen-ID: {be000cbe-11fe-4426-9c58-531aa6355fc4}
   Generatorname: ASR Writer
   Generatorinstanz-ID: {5a2dcd85-7de2-47f5-80dc-a5070092cdb2}

Fehlerspezifische Details:
   ASR Writer: Unzulässige Funktion. (0x80070001)

Error: (08/11/2015 03:42:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (08/11/2015 02:53:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 16268.75 MB
Verfügbarer physikalischer RAM: 12580.02 MB
Summe virtueller Speicher: 32652.75 MB
Verfügbarer virtueller Speicher: 27860.57 MB

==================== Laufwerke ================================

Drive c: (Windows SSD) (Fixed) (Total:237.96 GB) (Free:109.11 GB) NTFS
Drive d: (Datengrab HDD) (Fixed) (Total:465.76 GB) (Free:465.57 GB) NTFS
Drive e: (Games SSD) (Fixed) (Total:476.81 GB) (Free:282.79 GB) NTFS
Drive f: () (Fixed) (Total:465.76 GB) (Free:465.57 GB) NTFS
Drive g: (INTENSO) (Fixed) (Total:931.51 GB) (Free:931.26 GB) NTFS
Drive m: (Daten HDD) (Fixed) (Total:931.51 GB) (Free:428.29 GB) NTFS
Drive n: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:1325.53 GB) NTFS
Drive x: (Boxcryptor) (Fixed) (Total:931.51 GB) (Free:428.29 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 4D5CACFB)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 71617673)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5F80408B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8E564E73)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 1863 GB) (Disk ID: 9C2D6363)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 931.5 GB) (Disk ID: 9257AB85)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Ergebnis ============================
         
__________________


Alt 12.08.2015, 07:20   #3
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Standard

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
__________________

Alt 12.08.2015, 11:44   #4
suYincheN
 
Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Standard

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus



Hallo schrauber, danke für deine Hilfe!

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.08.12.02
  rootkit: v2015.08.06.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17937
Christian :: CHRISDESKTOP [administrator]

12.08.2015 12:35:21
mbar-log-2015-08-12 (12-35-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 354717
Time elapsed: 6 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 13.08.2015, 08:12   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Standard

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.08.2015, 08:46   #6
suYincheN
 
Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Standard

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 13.08.2015
Suchlaufzeit: 09:19
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.13.02
Rootkit-Datenbank: v2015.08.06.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Christian

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 361592
Abgelaufene Zeit: 7 Min., 22 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 13/08/2015 um 09:36:33
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-12.1 [Server]
# Betriebssystem : Windows 8.1 Pro  (x64)
# Benutzername : Christian - CHRISDESKTOP
# Gestarted von : C:\Users\Christian\Downloads\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Google Chrome v44.0.2403.155

[C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1412626042&from=cor&uid=INTELXSSDSC2CT180A3XXXXXXXXXXXXXXXXXXX_CVMP215506V1180CGN&q={searchTerms}
[C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [946 Bytes] - [13/08/2015 09:33:56]
AdwCleaner[R1].txt - [1441 Bytes] - [13/08/2015 09:35:57]
AdwCleaner[S0].txt - [778 Bytes] - [13/08/2015 09:35:40]
AdwCleaner[S1].txt - [1361 Bytes] - [13/08/2015 09:36:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1420  Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 8.1 Pro x64
Ran by Christian on 13.08.2015 at  9:39:55,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{037C06D5-3893-49E8-9AC0-41F7524AFBF5}



~~~ Files



~~~ Folders



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Successfully deleted: [Folder] C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol

[C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
gkojfkhlekighikafcpjkiklfbnlmeio

[C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  gkojfkhlekighikafcpjkiklfbnlmeio,
  lbfehkoinhhcknnbdgnnmjhiladcgbol
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.08.2015 at  9:41:52,74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015
durchgeführt von Christian (Administrator) auf CHRISDESKTOP (13-08-2015 09:44:05)
Gestartet von C:\Users\Christian\Downloads
Geladene Profile: Christian (Verfügbare Profile: Christian)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(mIRC Co. Ltd.) D:\#Programme\gIRC\mirc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [536576 2014-12-29] (Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [4859152 2015-07-29] (AgileBits)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe [1125376 2014-11-11] (Polar Electro Oy)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Dropbox Update] => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Boxcryptor.exe] => C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [2460424 2015-06-26] (Secomba GmbH)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [ScreenBlur by InDeep Software] => D:\#Programme\ScreenBlur\ScreenBlur.exe [615936 2015-08-12] (InDeep Software)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Infium] => D:\#Programme\QIP 2012\qip.exe [8503280 2014-03-04] (QIP)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-05-28]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2015-07-27]
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe ()
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mirc - Verknüpfung.lnk [2015-07-05]
ShortcutTarget: mirc - Verknüpfung.lnk -> D:\#Programme\gIRC\mirc.exe (mIRC Co. Ltd.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2015-08-10]
ShortcutTarget: Telegram.lnk -> C:\Users\Christian\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
SSODL: EldosMountNotificator-cbfs4 - {1A0784DC-4CE3-4BC6-9318-6B5BAC32AA2F} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {1A0784DC-4CE3-4BC6-9318-6B5BAC32AA2F} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt"] -> {011F39D2-A764-419E-9479-69C93F6D37E0} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt2"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.IconOverlayBlocker.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {76212FC9-6D58-4922-AC6B-82A31D17104E} => C:\Windows\system32\cbfsMntNtf4.dll [2013-11-15] (EldoS Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt"] -> {011F39D2-A764-419E-9479-69C93F6D37E0} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt2"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.IconOverlayBlocker.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {76212FC9-6D58-4922-AC6B-82A31D17104E} => C:\Windows\SysWOW64\cbfsMntNtf4.dll [2013-11-15] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-3557826585-2545589941-765533996-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll [2015-07-29] (AgileBits)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7EF60E29-A117-4FCD-B3D5-07222DAC1A17}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-03-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-03]
CHR Extension: (Duolingo on the Web) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-04-03]
CHR Extension: (Facebook Video Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2015-04-24]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-03]
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2015-04-03]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-03]
CHR Extension: (aklamio Cashbar) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bailoifpnpbamefjlgpcfebledceocbf [2015-04-03]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-04-03]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-03]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-03]
CHR Extension: (Telegram) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeibfljjno [2015-04-03]
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-03]
CHR Extension: (Tampermonkey) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-03]
CHR Extension: (busuu.com) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epadnjldocmkadjbopkanclaamocokoo [2015-04-03]
CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-03]
CHR Extension: (Web page captures from browser) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fomlbefjpamblimccfdomfgpgokdljcg [2015-04-03]
CHR Extension: (yingBar) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckfalecfdjjpbelmpfieecfdeapfoep [2015-04-03]
CHR Extension: (FoxyProxy Standard) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2015-04-03]
CHR Extension: (Desktop Notifications for Android) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni [2015-04-03]
CHR Extension: (Downloads - Your Download Box) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjihnjejboipjmadkpmknccijhibnpfe [2015-04-03]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-08-13]
CHR Extension: (Dropbox) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-04-03]
CHR Extension: (Disconnect) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2015-04-03]
CHR Extension: (Image Search Options) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl [2015-04-03]
CHR Extension: (iGraal) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2015-04-03]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-04-03]
CHR Extension: (Momentum) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2015-04-03]
CHR Extension: (Evernote Web) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-08-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-03]
CHR Extension: (Capture Webpage Screenshot - FireShot) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-04-03]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2015-04-03]
CHR Extension: (Ghostery) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-04-03]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2015-04-03]
CHR Extension: (Hangouts) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-04-03]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2015-04-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-03]
CHR Extension: (eBay XXL-Photos) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndhjgnljmmablcpnppcdfbagielaiho [2015-04-03]
CHR Extension: (Enhanced Steam) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-04-03]
CHR Extension: (PAYBACK Internet Assistent für Google Chrome) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2015-04-03]
CHR Extension: (ModernDeck) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpfgdgddpnbjcbpofmdanfbbigocklj [2015-04-03]
CHR Extension: (Gutscheinsammler Finder) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilobbegphefikcgjpajnneiiahhejam [2015-04-03]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR HKU\S-1-5-21-3557826585-2545589941-765533996-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-05-28] (Adobe Systems) [Datei ist nicht signiert]
S2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
S2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [754120 2015-07-29] (Garmin Ltd. or its subsidiaries)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2007048 2015-08-02] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-05] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [387776 2013-11-15] (EldoS Corporation)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [49872 2015-07-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2014-03-19] (Seiko Epson Corporation)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [18624 2013-11-15] (EldoS Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-13 09:44 - 2015-08-13 09:44 - 00028155 _____ C:\Users\Christian\Downloads\FRST.txt
2015-08-13 09:43 - 2015-08-13 09:43 - 00000000 ____D C:\Users\Christian\Downloads\FRST-OlderVersion
2015-08-13 09:41 - 2015-08-13 09:42 - 00002085 _____ C:\Users\Christian\Desktop\JRT.txt
2015-08-13 09:39 - 2015-08-13 09:39 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Christian\Downloads\JRT.exe
2015-08-13 09:38 - 2015-08-13 09:38 - 00001500 _____ C:\Users\Christian\Desktop\AdwCleaner[S1].txt
2015-08-13 09:33 - 2015-08-13 09:36 - 00000000 ____D C:\AdwCleaner
2015-08-13 09:33 - 2015-08-13 09:33 - 02248704 _____ C:\Users\Christian\Downloads\AdwCleaner_4.208.exe
2015-08-12 20:38 - 2015-08-12 20:38 - 00000000 ____D C:\Users\Christian\AppData\Local\GHISLER
2015-08-12 20:37 - 2015-08-12 20:38 - 00000000 ____D C:\Users\Christian\Desktop\GPX
2015-08-12 19:25 - 2015-08-13 09:36 - 00310126 ____N C:\Windows\WindowsUpdate.log
2015-08-12 18:22 - 2015-08-12 18:22 - 00548073 _____ C:\Users\Christian\Downloads\ScreenBlur_1.3.0.27.zip
2015-08-12 15:37 - 2015-08-12 15:51 - 00000000 ____D C:\Users\Christian\Desktop\New folder1
2015-08-12 15:36 - 2015-08-12 15:36 - 00000808 _____ C:\Users\Christian\Desktop\dreamboxEDIT.lnk
2015-08-12 15:36 - 2015-08-12 15:36 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT
2015-08-12 12:49 - 2015-08-12 12:50 - 00000000 ____D C:\ProgramData\F-Secure
2015-08-12 12:49 - 2015-08-12 12:49 - 00572456 _____ (F-Secure Corporation) C:\Users\Christian\Downloads\F-SecureOnlineScanner.exe
2015-08-12 12:49 - 2015-08-12 12:49 - 00000000 ____D C:\Users\Christian\AppData\Local\F-Secure
2015-08-12 12:35 - 2015-08-12 17:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-12 12:34 - 2015-08-12 15:06 - 00000000 ____D C:\Users\Christian\Desktop\mbar
2015-08-12 12:33 - 2015-08-12 12:33 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Christian\Downloads\mbar-1.09.1.1004.exe
2015-08-12 00:58 - 2015-08-12 00:58 - 00042040 _____ C:\Users\Christian\Documents\netscan.xml
2015-08-12 00:55 - 2015-08-12 00:55 - 02889262 _____ C:\Users\Christian\Downloads\netscan-607.zip
2015-08-11 23:21 - 2015-08-11 23:21 - 00001559 _____ C:\Users\Christian\Desktop\Google Drive.lnk
2015-08-11 23:19 - 2015-08-11 23:19 - 00931408 _____ (Google Inc.) C:\Users\Christian\Downloads\googledrivesync.exe
2015-08-11 23:19 - 2015-08-11 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-11 22:52 - 2015-08-12 15:28 - 00000000 ____D C:\Users\Christian\Documents\1Password
2015-08-11 21:34 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:34 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:30 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 21:30 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 21:30 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 21:30 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 21:30 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 21:30 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 21:30 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 21:30 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 21:30 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 21:30 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 21:30 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 21:30 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 21:30 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 21:30 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 21:30 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 21:30 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-11 21:30 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 21:30 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 21:30 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 21:30 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 21:30 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 21:30 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 21:30 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-11 21:30 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 21:30 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 21:30 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 21:30 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 21:30 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 21:30 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 21:30 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-11 21:30 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-11 21:30 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 21:30 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 21:30 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 21:30 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-11 21:30 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 21:30 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 21:30 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-11 21:30 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 21:30 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 21:30 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 21:30 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-11 21:30 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-11 21:30 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 21:30 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 21:30 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 21:30 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 21:30 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 21:30 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-11 21:30 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 21:30 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 21:30 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 21:30 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 21:30 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 21:30 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 21:30 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 21:30 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 21:30 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 21:30 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 21:30 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 21:30 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 21:30 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-11 21:30 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 21:30 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 21:30 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-11 21:30 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 21:30 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 21:30 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 21:30 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 21:30 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 21:30 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 21:30 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-11 21:30 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-11 21:30 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-11 21:30 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 21:30 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 21:30 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 21:30 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 21:10 - 2015-08-11 21:10 - 00010079 _____ C:\Users\Christian\Desktop\Gmer.txt
2015-08-11 21:02 - 2015-08-11 21:02 - 00380416 _____ C:\Users\Christian\Downloads\Gmer-19357.exe
2015-08-11 20:59 - 2015-08-13 09:31 - 00001189 _____ C:\Users\Christian\Desktop\mbam.txt
2015-08-11 20:52 - 2015-08-13 09:44 - 00000000 ____D C:\FRST
2015-08-11 20:52 - 2015-08-13 09:43 - 02173952 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2015-08-11 20:50 - 2015-08-11 20:50 - 00000000 _____ C:\Users\Christian\defogger_reenable
2015-08-11 20:48 - 2015-08-11 20:48 - 00050477 _____ C:\Users\Christian\Downloads\Defogger.exe
2015-08-11 20:35 - 2015-08-11 20:35 - 00000000 _____ C:\Users\Christian\Desktop\190.151.10.226.txt
2015-08-11 19:38 - 2015-08-11 19:38 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-11 16:15 - 2015-08-11 16:16 - 00000000 ____D C:\Users\Christian\Downloads\Neuer Ordner
2015-08-11 13:58 - 2015-08-11 13:58 - 00000000 ____D C:\ProgramData\ATI
2015-08-10 12:39 - 2015-08-10 12:39 - 00003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Garmin
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Garmin_Ltd._or_its_subsid
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\ProgramData\Garmin
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Program Files\DIFX
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-08-10 11:22 - 2015-08-10 11:22 - 00048947 _____ C:\Windows\SysWOW64\CCCInstall_201508101122310578.log
2015-08-10 11:22 - 2015-08-10 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-10 01:07 - 2015-08-10 01:07 - 00000752 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-08-10 01:07 - 2015-08-10 01:07 - 00000668 _____ C:\Users\Public\Desktop\WinSCP.lnk
2015-08-10 00:40 - 2015-08-10 00:40 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-08-10 00:40 - 2015-08-10 00:40 - 00000000 ____D C:\Users\Christian\AppData\Roaming\GHISLER
2015-08-09 22:34 - 2015-08-09 22:34 - 00000036 _____ C:\Users\Christian\Desktop\Ohne Titel.avi.sfl
2015-08-09 13:51 - 2015-08-11 21:16 - 00000000 ____D C:\Users\Christian\Desktop\GIGASET QV1030
2015-08-07 22:41 - 2015-08-07 22:41 - 00000014 _____ C:\Users\Christian\Desktop\g2a.txt
2015-08-05 00:20 - 2015-08-06 23:06 - 00000000 ____D C:\Windows\Minidump
2015-08-03 20:55 - 2015-08-03 20:55 - 00003364 _____ C:\Windows\System32\Tasks\Skype
2015-08-02 23:32 - 2015-08-02 23:39 - 00000000 ____D C:\Users\Christian\Desktop\Spende
2015-08-02 20:22 - 2015-08-02 20:22 - 00000000 ____D C:\Users\Christian\Desktop\Verkauf
2015-08-02 19:13 - 2015-08-13 09:38 - 00000000 ____D C:\Users\Christian\.rainlendar2
2015-08-02 19:13 - 2015-08-02 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2
2015-08-02 19:12 - 2015-08-02 19:13 - 00000000 ____D C:\Program Files\Rainlendar2
2015-08-02 18:46 - 2015-08-02 18:46 - 00000000 ____D C:\Users\Christian\AppData\Local\CEF
2015-08-02 16:23 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-02 16:23 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-02 16:23 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-02 16:23 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-02 16:23 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-02 16:23 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-02 16:23 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-02 16:23 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-01 18:05 - 2015-08-01 18:05 - 00000000 ____D C:\ProgramData\newbackup
2015-08-01 18:04 - 2015-08-01 18:04 - 00000000 ____D C:\ProgramData\rmbwizard
2015-08-01 18:04 - 2015-08-01 18:04 - 00000000 ____D C:\ProgramData\launcher
2015-08-01 18:03 - 2015-08-01 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Backup and Recovery™ 2014 Free
2015-08-01 18:03 - 2015-08-01 18:03 - 00000000 ____D C:\Program Files\Paragon Software
2015-08-01 18:02 - 2015-08-01 18:02 - 00000000 ____D C:\Users\Christian\AppData\Local\Downloaded Installations
2015-08-01 18:02 - 2015-08-01 18:02 - 00000000 ____D C:\ProgramData\explauncher
2015-07-29 05:44 - 2015-07-29 05:44 - 00458472 _____ C:\Windows\system32\amdmiracast.dll
2015-07-29 05:44 - 2015-07-29 05:44 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-07-29 05:44 - 2015-07-29 05:44 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-07-29 05:26 - 2015-07-29 05:26 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-07-29 05:15 - 2015-07-29 05:15 - 21622784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-07-29 05:09 - 2015-07-29 05:09 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-07-29 05:09 - 2015-07-29 05:09 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-07-29 05:08 - 2015-07-29 05:08 - 39714816 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-07-29 05:07 - 2015-07-29 05:07 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-29 05:07 - 2015-07-29 05:07 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-29 05:06 - 2015-07-29 05:06 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-07-29 05:05 - 2015-07-29 05:05 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-07-29 04:36 - 2015-07-29 04:36 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-07-29 04:33 - 2015-07-29 04:33 - 00093696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-07-29 04:33 - 2015-07-29 04:33 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-07-29 04:32 - 2015-07-29 04:32 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-07-29 04:30 - 2015-07-29 04:30 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00660928 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-07-29 04:30 - 2015-07-29 04:30 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-07-29 04:30 - 2015-07-29 04:30 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-07-29 04:30 - 2015-07-29 04:30 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-07-29 04:29 - 2015-07-29 04:29 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-07-29 04:28 - 2015-07-29 04:28 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-07-29 04:28 - 2015-07-29 04:28 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-07-29 04:26 - 2015-07-29 04:26 - 00672768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-07-29 04:26 - 2015-07-29 04:26 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-07-29 04:26 - 2015-07-29 04:26 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-07-29 04:25 - 2015-07-29 04:25 - 00246784 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-07-29 04:25 - 2015-07-29 04:25 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-07-29 04:24 - 2015-07-29 04:24 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-07-29 04:24 - 2015-07-29 04:24 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-07-29 04:23 - 2015-07-29 04:23 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-07-29 04:22 - 2015-07-29 04:22 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-07-29 04:19 - 2015-07-29 04:19 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-07-29 04:19 - 2015-07-29 04:19 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-07-27 22:18 - 2015-07-27 22:18 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AMD
2015-07-27 21:56 - 2015-08-13 09:38 - 00000000 ____D C:\Users\Christian\AppData\Roaming\FAHClient
2015-07-27 21:56 - 2015-07-27 21:56 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FAHClient
2015-07-27 21:56 - 2015-07-27 21:56 - 00000000 ____D C:\Program Files (x86)\FAHClient
2015-07-27 09:21 - 2015-07-27 09:21 - 00089104 _____ (Razer Inc) C:\Windows\system32\RazerCoinstaller.dll
2015-07-26 23:04 - 2015-07-26 23:06 - 00000000 ____D C:\Users\Christian\Desktop\FH Bewerbungen WiSe_2015
2015-07-25 13:56 - 2015-08-13 00:02 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Everything
2015-07-25 13:56 - 2015-07-25 13:56 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2015-07-25 13:56 - 2015-07-25 13:56 - 00000000 ____D C:\Program Files\Everything
2015-07-23 07:41 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-07-23 07:41 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-07-21 21:26 - 2015-07-23 18:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-07-21 18:45 - 2015-07-21 18:45 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Publish Providers
2015-07-21 18:42 - 2015-08-09 22:31 - 00000000 ____D C:\Users\Christian\Documents\Movie Studio Platinum 12.0 Projekte
2015-07-21 18:41 - 2015-07-21 18:42 - 00000000 ____D C:\Users\Christian\AppData\Local\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\ProgramData\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\Program Files\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\Program Files (x86)\Sony
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files\MSBuild
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-21 18:34 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-07-21 18:34 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-07-21 18:31 - 2015-07-21 18:54 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Sony
2015-07-20 22:53 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-20 22:53 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-20 22:53 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-20 22:53 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-15 19:51 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 19:51 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 19:51 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 19:51 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 19:51 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 19:51 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 19:51 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 19:51 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 19:51 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 19:51 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 19:51 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 19:51 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 19:51 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 19:50 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 19:50 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 19:50 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 19:50 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 19:50 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 19:50 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 19:50 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 19:49 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 19:49 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 19:49 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 19:49 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 19:49 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 19:49 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 19:49 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-07-15 19:48 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 19:48 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 19:48 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 19:48 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 19:48 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 19:48 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 19:48 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 19:48 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 19:48 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 19:48 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 19:48 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 19:48 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 19:48 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 19:48 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 19:48 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 19:48 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 19:48 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 19:48 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:20 - 2015-07-15 12:20 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-07-15 12:20 - 2015-07-15 12:20 - 00102912 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWB6.sys
2015-07-14 20:35 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-14 20:35 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-14 20:35 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-14 20:35 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-14 20:35 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-14 20:35 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-14 20:35 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 20:35 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-14 20:35 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-14 20:35 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-14 20:35 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 20:35 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-14 20:35 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 20:35 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-14 20:35 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-14 20:35 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-14 20:35 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-14 20:35 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-14 20:35 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-14 20:35 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-14 20:35 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-14 20:35 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-14 20:35 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-13 09:43 - 2015-05-16 01:44 - 00000000 ____D C:\Users\Christian\AppData\Roaming\mIRC
2015-08-13 09:43 - 2014-09-24 08:16 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-13 09:43 - 2014-09-24 07:43 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-08-13 09:43 - 2014-09-24 07:43 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-08-13 09:42 - 2015-04-03 15:41 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3557826585-2545589941-765533996-1001
2015-08-13 09:38 - 2015-06-14 17:44 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2015-08-13 09:38 - 2015-04-03 16:24 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Dropbox
2015-08-13 09:37 - 2015-04-13 22:26 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-13 09:37 - 2015-04-03 15:40 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-13 09:37 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-13 09:36 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-13 09:35 - 2015-06-12 22:25 - 00001266 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001UA.job
2015-08-13 09:35 - 2015-04-03 16:19 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ClassicShell
2015-08-13 09:04 - 2015-05-18 19:04 - 00000945 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {138DC8C1-9376-4B23-B6AD-BB2F375DE385}.job
2015-08-13 09:04 - 2015-05-18 19:04 - 00000759 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {138DC8C1-9376-4B23-B6AD-BB2F375DE385}.job
2015-08-13 09:04 - 2015-04-11 16:43 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Nitro PDF
2015-08-13 09:03 - 2015-04-03 15:40 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-13 09:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-13 08:22 - 2015-05-28 20:28 - 00000000 ____D C:\Users\Christian\AppData\Local\Adobe
2015-08-13 08:22 - 2015-04-03 17:52 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{27C6D7FB-4289-49E3-A0CE-D5E22103A395}
2015-08-13 00:02 - 2015-04-13 23:44 - 00000600 _____ C:\Users\Christian\AppData\Roaming\winscp.rnd
2015-08-12 20:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-12 18:29 - 2015-05-25 11:16 - 00000000 ____D C:\Users\Christian\AppData\Local\Greenshot
2015-08-12 17:06 - 2015-05-05 18:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-08-12 15:31 - 2015-04-03 16:26 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AgileBits
2015-08-12 14:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-12 13:35 - 2015-06-12 22:25 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001Core.job
2015-08-11 23:19 - 2015-04-03 15:40 - 00000000 ____D C:\Users\Christian\AppData\Local\Google
2015-08-11 23:19 - 2015-04-03 15:40 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-11 23:03 - 2015-04-03 15:36 - 00000000 ____D C:\Users\Christian
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-11 21:34 - 2015-04-03 15:57 - 00000000 ____D C:\Windows\system32\MRT
2015-08-11 21:34 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-11 21:31 - 2015-04-03 15:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 21:30 - 2015-04-03 16:39 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-11 21:30 - 2014-09-24 09:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-11 20:45 - 2015-04-03 15:36 - 00000000 ____D C:\Users\Christian\AppData\Local\VirtualStore
2015-08-10 12:39 - 2015-04-03 15:42 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-10 11:50 - 2015-04-03 23:30 - 00000000 ____D C:\Users\Christian\Desktop\Sortieren
2015-08-10 11:22 - 2015-04-03 15:41 - 00000000 ____D C:\AMD
2015-08-09 22:47 - 2015-04-04 22:27 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2015-08-08 15:55 - 2014-09-24 09:43 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-09-24 09:43 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 19:37 - 2015-04-03 15:36 - 00000000 ____D C:\Users\Christian\AppData\Local\Packages
2015-08-03 00:20 - 2015-04-03 18:00 - 00000000 ____D C:\ProgramData\Origin
2015-08-02 16:22 - 2015-05-16 17:11 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-08-02 16:03 - 2013-03-31 17:20 - 00001371 _____ C:\Users\Christian\Desktop\Systemwiederherstellung.lnk
2015-08-02 11:01 - 2015-05-16 17:11 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-08-01 12:22 - 2015-04-03 15:44 - 00000000 ____D C:\Program Files (x86)\Razer
2015-07-30 18:36 - 2015-04-03 16:22 - 00000000 ____D C:\Program Files (x86)\1Password 4
2015-07-29 05:42 - 2015-03-19 06:15 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-07-29 05:42 - 2015-03-19 06:15 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-07-29 05:42 - 2014-07-21 22:04 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-07-29 05:42 - 2014-07-21 22:04 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-07-29 05:41 - 2014-07-21 22:04 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-07-29 05:41 - 2014-07-21 22:04 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-07-29 05:41 - 2014-07-21 22:04 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-07-29 05:40 - 2015-03-19 06:14 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-07-29 05:40 - 2014-07-21 22:04 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-07-29 05:40 - 2014-07-21 22:04 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-07-29 05:39 - 2015-03-19 06:14 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-07-29 05:39 - 2015-03-19 06:14 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-07-29 04:26 - 2015-03-19 04:04 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-07-29 04:22 - 2015-03-19 03:40 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-07-29 04:17 - 2015-06-23 03:21 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-07-28 22:07 - 2015-04-03 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-28 21:05 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT
2015-07-28 21:00 - 2015-04-03 16:31 - 00000000 ____D C:\Windows\Panther
2015-07-25 13:39 - 2015-05-16 22:38 - 00000000 ____D C:\Program Files\CCleaner
2015-07-25 13:37 - 2015-04-03 16:44 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 07:54 - 2015-05-17 13:55 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-21 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-07-21 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\MUI
2015-07-19 13:30 - 2015-06-12 22:25 - 00004220 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001UA
2015-07-19 13:30 - 2015-06-12 22:25 - 00003840 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001Core
2015-07-17 19:38 - 2015-04-03 16:44 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 20:57 - 2015-04-03 15:40 - 00004116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 20:57 - 2015-04-03 15:40 - 00003880 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 23:38 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 23:38 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 23:38 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-13 23:44 - 2015-08-13 00:02 - 0000600 _____ () C:\Users\Christian\AppData\Roaming\winscp.rnd
2015-04-12 00:45 - 2015-06-16 23:24 - 0000600 _____ () C:\Users\Christian\AppData\Local\PUTTY.RND

Einige Dateien in TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppxeuki.dll
C:\Users\Christian\AppData\Local\Temp\Quarantine.exe
C:\Users\Christian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-06 19:19

==================== Ende von Ergebnis ============================
         

Alt 13.08.2015, 15:00   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Standard

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.08.2015, 19:25   #8
suYincheN
 
Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Standard

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus



Ich hatte seitdem keine Meldung mehr, war hoffentlich nur eine einmalige Sache?
Evtl. Proxy aktiv? Zumindest hatte ich keinen gestartet.

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=57eedc279ec9cf4fa80a07fb9153de2f
# end=init
# utc_time=2015-08-13 02:47:33
# local_time=2015-08-13 04:47:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# nod_component=V3 Build:0x30000000
Update Init
Update Download
Update Finalize
Updated modules version: 25262
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=57eedc279ec9cf4fa80a07fb9153de2f
# end=updated
# utc_time=2015-08-13 02:48:33
# local_time=2015-08-13 04:48:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# nod_component=V3 Build:0x30000000
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=57eedc279ec9cf4fa80a07fb9153de2f
# engine=25262
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-13 04:01:29
# local_time=2015-08-13 06:01:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 159914 13157956 0 0
# compatibility_mode_1='ESET Smart Security 8.0'
# compatibility_mode=8228 16777213 100 100 8321777 17038395 0 0
# scanned=344318
# found=0
# cleaned=0
# scan_time=4375
# nod_component=V3 Build:0x30000000
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.006  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
ESET Smart Security 8.0   
Windows Defender          
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Mozilla Thunderbird (38.1.0) 
 Google Chrome (44.0.2403.130) 
 Google Chrome (44.0.2403.155) 
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 ESET ESET Online Scanner OnlineScannerApp.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015
durchgeführt von Christian (Administrator) auf CHRISDESKTOP (13-08-2015 20:23:36)
Gestartet von C:\Users\Christian\Downloads
Geladene Profile: Christian (Verfügbare Profile: Christian)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
() C:\Program Files\Everything\Everything.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CMedia) C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
() C:\Program Files\Everything\Everything.exe
(Polar Electro Oy) C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Secomba GmbH) C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe
() C:\Program Files\Rainlendar2\Rainlendar2.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(InDeep Software) D:\#Programme\ScreenBlur\ScreenBlur.exe
(QIP) D:\#Programme\QIP 2012\qip.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Advanced Micro Devices Inc.) C:\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\AMD\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\FAHClient\FAHClient.exe
(mIRC Co. Ltd.) D:\#Programme\gIRC\mirc.exe
(Telegram Messenger LLP) C:\Users\Christian\AppData\Roaming\Telegram Desktop\Telegram.exe
(AgileBits) C:\Program Files (x86)\1Password 4\1Password.exe
(Valve Corporation) E:\Steam\Steam.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Christian\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [536576 2014-12-29] (Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [4859152 2015-07-29] (AgileBits)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Polar FlowSync] => C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe [1125376 2014-11-11] (Polar Electro Oy)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILEE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Dropbox Update] => C:\Users\Christian\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Boxcryptor.exe] => C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [2460424 2015-06-26] (Secomba GmbH)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [4411488 2014-03-16] ()
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [ScreenBlur by InDeep Software] => D:\#Programme\ScreenBlur\ScreenBlur.exe [615936 2015-08-12] (InDeep Software)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
HKU\S-1-5-21-3557826585-2545589941-765533996-1001\...\Run: [Infium] => D:\#Programme\QIP 2012\qip.exe [8503280 2014-03-04] (QIP)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-05-28]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2015-07-27]
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe ()
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mirc - Verknüpfung.lnk [2015-07-05]
ShortcutTarget: mirc - Verknüpfung.lnk -> D:\#Programme\gIRC\mirc.exe (mIRC Co. Ltd.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2015-08-10]
ShortcutTarget: Telegram.lnk -> C:\Users\Christian\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
SSODL: EldosMountNotificator-cbfs4 - {1A0784DC-4CE3-4BC6-9318-6B5BAC32AA2F} - C:\Windows\system32\cbfsMntNtf4.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs4 - {1A0784DC-4CE3-4BC6-9318-6B5BAC32AA2F} - C:\Windows\SysWOW64\cbfsMntNtf4.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt"] -> {011F39D2-A764-419E-9479-69C93F6D37E0} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt2"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.IconOverlayBlocker.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs4] -> {76212FC9-6D58-4922-AC6B-82A31D17104E} => C:\Windows\system32\cbfsMntNtf4.dll [2013-11-15] (EldoS Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt"] -> {011F39D2-A764-419E-9479-69C93F6D37E0} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt2"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.IconOverlayBlocker.Ext.dll [2015-06-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs4] -> {76212FC9-6D58-4922-AC6B-82A31D17104E} => C:\Windows\SysWOW64\cbfsMntNtf4.dll [2013-11-15] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-3557826585-2545589941-765533996-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll [2015-07-29] (AgileBits)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7EF60E29-A117-4FCD-B3D5-07222DAC1A17}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-01] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-03-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-03]
CHR Extension: (Duolingo on the Web) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-04-03]
CHR Extension: (Facebook Video Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf [2015-04-24]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-03]
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2015-04-03]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-03]
CHR Extension: (aklamio Cashbar) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bailoifpnpbamefjlgpcfebledceocbf [2015-04-03]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-04-03]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-03]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-03]
CHR Extension: (Telegram) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeibfljjno [2015-04-03]
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-03]
CHR Extension: (Tampermonkey) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-03]
CHR Extension: (busuu.com) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epadnjldocmkadjbopkanclaamocokoo [2015-04-03]
CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-03]
CHR Extension: (Web page captures from browser) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fomlbefjpamblimccfdomfgpgokdljcg [2015-04-03]
CHR Extension: (yingBar) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gckfalecfdjjpbelmpfieecfdeapfoep [2015-04-03]
CHR Extension: (FoxyProxy Standard) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2015-04-03]
CHR Extension: (Desktop Notifications for Android) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni [2015-04-03]
CHR Extension: (Downloads - Your Download Box) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjihnjejboipjmadkpmknccijhibnpfe [2015-04-03]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-08-13]
CHR Extension: (Dropbox) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-04-03]
CHR Extension: (Disconnect) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2015-04-03]
CHR Extension: (Image Search Options) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljmejbpilkadikecejccebmccagifhl [2015-04-03]
CHR Extension: (iGraal) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2015-04-03]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-04-03]
CHR Extension: (Momentum) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2015-04-03]
CHR Extension: (Evernote Web) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-08-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-03]
CHR Extension: (Capture Webpage Screenshot - FireShot) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-04-03]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2015-04-03]
CHR Extension: (Ghostery) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-04-03]
CHR Extension: (F.B Purity-Clean Up Facebook) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2015-04-03]
CHR Extension: (Hangouts) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-04-03]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2015-04-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-03]
CHR Extension: (eBay XXL-Photos) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndhjgnljmmablcpnppcdfbagielaiho [2015-04-03]
CHR Extension: (Enhanced Steam) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2015-04-03]
CHR Extension: (PAYBACK Internet Assistent für Google Chrome) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2015-04-03]
CHR Extension: (ModernDeck) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpfgdgddpnbjcbpofmdanfbbigocklj [2015-04-03]
CHR Extension: (Gutscheinsammler Finder) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilobbegphefikcgjpajnneiiahhejam [2015-04-03]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR HKU\S-1-5-21-3557826585-2545589941-765533996-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-05-28] (Adobe Systems) [Datei ist nicht signiert]
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [754120 2015-07-29] (Garmin Ltd. or its subsidiaries)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2007048 2015-08-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-05] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 cbfs4; C:\Windows\system32\drivers\cbfs4.sys [387776 2013-11-15] (EldoS Corporation)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [49872 2015-07-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2014-03-19] (Seiko Epson Corporation)
R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] ()
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [18624 2013-11-15] (EldoS Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-13 20:23 - 2015-08-13 20:23 - 00031516 _____ C:\Users\Christian\Downloads\FRST.txt
2015-08-13 20:23 - 2015-08-13 20:23 - 00000955 _____ C:\Users\Christian\Desktop\checkup.txt
2015-08-13 20:22 - 2015-08-13 20:22 - 00001513 _____ C:\Users\Christian\Desktop\eset.txt
2015-08-13 16:51 - 2015-08-13 16:51 - 00852684 _____ C:\Users\Christian\Downloads\SecurityCheck.exe
2015-08-13 16:47 - 2015-08-13 16:47 - 02870984 _____ (ESET) C:\Users\Christian\Downloads\esetsmartinstaller_deu.exe
2015-08-13 16:47 - 2015-08-13 16:47 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-13 09:44 - 2015-08-13 09:44 - 00039775 _____ C:\Users\Christian\Downloads\Addition.txt
2015-08-13 09:43 - 2015-08-13 09:43 - 00000000 ____D C:\Users\Christian\Downloads\FRST-OlderVersion
2015-08-13 09:39 - 2015-08-13 09:39 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Christian\Downloads\JRT.exe
2015-08-13 09:33 - 2015-08-13 09:36 - 00000000 ____D C:\AdwCleaner
2015-08-13 09:33 - 2015-08-13 09:33 - 02248704 _____ C:\Users\Christian\Downloads\AdwCleaner_4.208.exe
2015-08-12 20:38 - 2015-08-12 20:38 - 00000000 ____D C:\Users\Christian\AppData\Local\GHISLER
2015-08-12 20:37 - 2015-08-12 20:38 - 00000000 ____D C:\Users\Christian\Desktop\GPX
2015-08-12 19:25 - 2015-08-13 15:57 - 00588148 _____ C:\Windows\WindowsUpdate.log
2015-08-12 18:22 - 2015-08-12 18:22 - 00548073 _____ C:\Users\Christian\Downloads\ScreenBlur_1.3.0.27.zip
2015-08-12 15:36 - 2015-08-12 15:36 - 00000808 _____ C:\Users\Christian\Desktop\dreamboxEDIT.lnk
2015-08-12 15:36 - 2015-08-12 15:36 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT
2015-08-12 12:49 - 2015-08-12 12:50 - 00000000 ____D C:\ProgramData\F-Secure
2015-08-12 12:49 - 2015-08-12 12:49 - 00572456 _____ (F-Secure Corporation) C:\Users\Christian\Downloads\F-SecureOnlineScanner.exe
2015-08-12 12:49 - 2015-08-12 12:49 - 00000000 ____D C:\Users\Christian\AppData\Local\F-Secure
2015-08-12 12:35 - 2015-08-12 17:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-12 12:34 - 2015-08-12 15:06 - 00000000 ____D C:\Users\Christian\Desktop\mbar
2015-08-12 12:33 - 2015-08-12 12:33 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Christian\Downloads\mbar-1.09.1.1004.exe
2015-08-12 00:58 - 2015-08-12 00:58 - 00042040 _____ C:\Users\Christian\Documents\netscan.xml
2015-08-12 00:55 - 2015-08-12 00:55 - 02889262 _____ C:\Users\Christian\Downloads\netscan-607.zip
2015-08-11 23:21 - 2015-08-11 23:21 - 00001559 _____ C:\Users\Christian\Desktop\Google Drive.lnk
2015-08-11 23:19 - 2015-08-11 23:19 - 00931408 _____ (Google Inc.) C:\Users\Christian\Downloads\googledrivesync.exe
2015-08-11 23:19 - 2015-08-11 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-11 22:52 - 2015-08-12 15:28 - 00000000 ____D C:\Users\Christian\Documents\1Password
2015-08-11 21:34 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:34 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:30 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-11 21:30 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-11 21:30 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-11 21:30 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-11 21:30 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-11 21:30 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-11 21:30 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 21:30 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-11 21:30 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-11 21:30 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-11 21:30 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-11 21:30 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 21:30 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 21:30 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-11 21:30 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-11 21:30 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-11 21:30 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-11 21:30 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-11 21:30 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-11 21:30 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-11 21:30 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 21:30 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-11 21:30 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-11 21:30 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-11 21:30 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-11 21:30 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-11 21:30 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-11 21:30 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-11 21:30 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-11 21:30 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-11 21:30 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-11 21:30 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-11 21:30 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-11 21:30 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-11 21:30 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-11 21:30 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-11 21:30 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-11 21:30 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-11 21:30 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-11 21:30 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-11 21:30 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-11 21:30 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-11 21:30 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-11 21:30 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-11 21:30 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-11 21:30 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-11 21:30 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-11 21:30 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-11 21:30 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-11 21:30 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-11 21:30 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-11 21:30 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-11 21:30 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-11 21:30 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-11 21:30 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 21:30 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 21:30 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 21:30 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 21:30 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 21:30 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 21:30 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-11 21:30 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-11 21:30 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-11 21:30 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-11 21:30 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 21:30 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-11 21:30 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-11 21:30 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 21:30 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-11 21:30 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-11 21:30 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 21:30 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-11 21:30 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-11 21:30 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-11 21:30 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-11 21:30 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-11 21:30 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-11 21:30 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-11 21:30 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-11 21:02 - 2015-08-11 21:02 - 00380416 _____ C:\Users\Christian\Downloads\Gmer-19357.exe
2015-08-11 20:52 - 2015-08-13 20:23 - 00000000 ____D C:\FRST
2015-08-11 20:52 - 2015-08-13 09:43 - 02173952 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2015-08-11 20:50 - 2015-08-11 20:50 - 00000000 _____ C:\Users\Christian\defogger_reenable
2015-08-11 20:48 - 2015-08-11 20:48 - 00050477 _____ C:\Users\Christian\Downloads\Defogger.exe
2015-08-11 20:35 - 2015-08-11 20:35 - 00000000 _____ C:\Users\Christian\Desktop\190.151.10.226.txt
2015-08-11 19:38 - 2015-08-11 19:38 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-11 16:15 - 2015-08-11 16:16 - 00000000 ____D C:\Users\Christian\Downloads\Neuer Ordner
2015-08-11 13:58 - 2015-08-11 13:58 - 00000000 ____D C:\ProgramData\ATI
2015-08-10 12:39 - 2015-08-10 12:39 - 00003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Garmin
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Garmin_Ltd._or_its_subsid
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\ProgramData\Garmin
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Program Files\DIFX
2015-08-10 12:39 - 2015-08-10 12:39 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-08-10 11:22 - 2015-08-10 11:22 - 00048947 _____ C:\Windows\SysWOW64\CCCInstall_201508101122310578.log
2015-08-10 11:22 - 2015-08-10 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-10 01:07 - 2015-08-10 01:07 - 00000752 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2015-08-10 01:07 - 2015-08-10 01:07 - 00000668 _____ C:\Users\Public\Desktop\WinSCP.lnk
2015-08-10 00:40 - 2015-08-10 00:40 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-08-10 00:40 - 2015-08-10 00:40 - 00000000 ____D C:\Users\Christian\AppData\Roaming\GHISLER
2015-08-09 22:34 - 2015-08-09 22:34 - 00000036 _____ C:\Users\Christian\Desktop\Ohne Titel.avi.sfl
2015-08-09 13:51 - 2015-08-11 21:16 - 00000000 ____D C:\Users\Christian\Desktop\GIGASET QV1030
2015-08-07 22:41 - 2015-08-07 22:41 - 00000014 _____ C:\Users\Christian\Desktop\g2a.txt
2015-08-05 00:20 - 2015-08-06 23:06 - 00000000 ____D C:\Windows\Minidump
2015-08-03 20:55 - 2015-08-03 20:55 - 00003364 _____ C:\Windows\System32\Tasks\Skype
2015-08-02 23:32 - 2015-08-02 23:39 - 00000000 ____D C:\Users\Christian\Desktop\Spende
2015-08-02 20:22 - 2015-08-02 20:22 - 00000000 ____D C:\Users\Christian\Desktop\Verkauf
2015-08-02 19:13 - 2015-08-13 10:24 - 00000000 ____D C:\Users\Christian\.rainlendar2
2015-08-02 19:13 - 2015-08-02 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2
2015-08-02 19:12 - 2015-08-02 19:13 - 00000000 ____D C:\Program Files\Rainlendar2
2015-08-02 18:46 - 2015-08-02 18:46 - 00000000 ____D C:\Users\Christian\AppData\Local\CEF
2015-08-02 16:23 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-02 16:23 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-02 16:23 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-02 16:23 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-02 16:23 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-02 16:23 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-02 16:23 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-02 16:23 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-01 18:05 - 2015-08-01 18:05 - 00000000 ____D C:\ProgramData\newbackup
2015-08-01 18:04 - 2015-08-01 18:04 - 00000000 ____D C:\ProgramData\rmbwizard
2015-08-01 18:04 - 2015-08-01 18:04 - 00000000 ____D C:\ProgramData\launcher
2015-08-01 18:03 - 2015-08-01 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Backup and Recovery™ 2014 Free
2015-08-01 18:03 - 2015-08-01 18:03 - 00000000 ____D C:\Program Files\Paragon Software
2015-08-01 18:02 - 2015-08-01 18:02 - 00000000 ____D C:\Users\Christian\AppData\Local\Downloaded Installations
2015-08-01 18:02 - 2015-08-01 18:02 - 00000000 ____D C:\ProgramData\explauncher
2015-07-29 05:44 - 2015-07-29 05:44 - 00458472 _____ C:\Windows\system32\amdmiracast.dll
2015-07-29 05:44 - 2015-07-29 05:44 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-07-29 05:44 - 2015-07-29 05:44 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-07-29 05:26 - 2015-07-29 05:26 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-07-29 05:15 - 2015-07-29 05:15 - 21622784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-07-29 05:09 - 2015-07-29 05:09 - 47785472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-07-29 05:09 - 2015-07-29 05:09 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-07-29 05:08 - 2015-07-29 05:08 - 39714816 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-07-29 05:07 - 2015-07-29 05:07 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-29 05:07 - 2015-07-29 05:07 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-29 05:06 - 2015-07-29 05:06 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-07-29 05:05 - 2015-07-29 05:05 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-07-29 04:36 - 2015-07-29 04:36 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00134656 _____ C:\Windows\system32\amdhdl64.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00123392 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-07-29 04:33 - 2015-07-29 04:33 - 00093696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-07-29 04:33 - 2015-07-29 04:33 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-07-29 04:32 - 2015-07-29 04:32 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-07-29 04:30 - 2015-07-29 04:30 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00660928 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-07-29 04:30 - 2015-07-29 04:30 - 00660928 _____ C:\Windows\system32\atiapfxx.blb
2015-07-29 04:30 - 2015-07-29 04:30 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-07-29 04:30 - 2015-07-29 04:30 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-07-29 04:29 - 2015-07-29 04:29 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-07-29 04:28 - 2015-07-29 04:28 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-07-29 04:28 - 2015-07-29 04:28 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-07-29 04:26 - 2015-07-29 04:26 - 00672768 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-07-29 04:26 - 2015-07-29 04:26 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-07-29 04:26 - 2015-07-29 04:26 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-07-29 04:25 - 2015-07-29 04:25 - 00246784 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-07-29 04:25 - 2015-07-29 04:25 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-07-29 04:24 - 2015-07-29 04:24 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-07-29 04:24 - 2015-07-29 04:24 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-07-29 04:23 - 2015-07-29 04:23 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-07-29 04:22 - 2015-07-29 04:22 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-07-29 04:19 - 2015-07-29 04:19 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-07-29 04:19 - 2015-07-29 04:19 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-07-27 22:18 - 2015-07-27 22:18 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AMD
2015-07-27 21:56 - 2015-08-13 10:24 - 00000000 ____D C:\Users\Christian\AppData\Roaming\FAHClient
2015-07-27 21:56 - 2015-07-27 21:56 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FAHClient
2015-07-27 21:56 - 2015-07-27 21:56 - 00000000 ____D C:\Program Files (x86)\FAHClient
2015-07-27 09:21 - 2015-07-27 09:21 - 00089104 _____ (Razer Inc) C:\Windows\system32\RazerCoinstaller.dll
2015-07-26 23:04 - 2015-07-26 23:06 - 00000000 ____D C:\Users\Christian\Desktop\FH Bewerbungen WiSe_2015
2015-07-25 13:56 - 2015-08-13 10:43 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Everything
2015-07-25 13:56 - 2015-07-25 13:56 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2015-07-25 13:56 - 2015-07-25 13:56 - 00000000 ____D C:\Program Files\Everything
2015-07-23 07:41 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-07-23 07:41 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-07-21 21:26 - 2015-07-23 18:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-07-21 18:45 - 2015-07-21 18:45 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Publish Providers
2015-07-21 18:42 - 2015-08-09 22:31 - 00000000 ____D C:\Users\Christian\Documents\Movie Studio Platinum 12.0 Projekte
2015-07-21 18:41 - 2015-07-21 18:42 - 00000000 ____D C:\Users\Christian\AppData\Local\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\ProgramData\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\Program Files\Sony
2015-07-21 18:41 - 2015-07-21 18:41 - 00000000 ____D C:\Program Files (x86)\Sony
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files\MSBuild
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-07-21 18:35 - 2015-07-21 18:35 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-21 18:34 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-07-21 18:34 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-07-21 18:31 - 2015-07-21 18:54 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Sony
2015-07-20 22:53 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-20 22:53 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-20 22:53 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-20 22:53 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-15 19:51 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 19:51 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 19:51 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 19:51 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 19:51 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 19:51 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 19:51 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 19:51 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 19:51 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 19:51 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 19:51 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 19:51 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 19:51 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 19:50 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 19:50 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 19:50 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 19:50 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 19:50 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 19:50 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 19:50 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 19:49 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 19:49 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 19:49 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 19:49 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 19:49 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 19:49 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 19:49 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-07-15 19:48 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 19:48 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 19:48 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 19:48 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 19:48 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 19:48 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 19:48 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 19:48 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 19:48 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 19:48 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 19:48 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 19:48 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 19:48 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 19:48 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 19:48 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 19:48 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 19:48 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 19:48 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:20 - 2015-07-15 12:20 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-07-15 12:20 - 2015-07-15 12:20 - 00102912 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWB6.sys
2015-07-14 20:35 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-14 20:35 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-14 20:35 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-14 20:35 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-14 20:35 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-14 20:35 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-14 20:35 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 20:35 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-14 20:35 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-14 20:35 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-14 20:35 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 20:35 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-14 20:35 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 20:35 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-14 20:35 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-14 20:35 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-14 20:35 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-14 20:35 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-14 20:35 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-14 20:35 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-14 20:35 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-14 20:35 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-14 20:35 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-13 20:23 - 2015-05-16 01:44 - 00000000 ____D C:\Users\Christian\AppData\Roaming\mIRC
2015-08-13 20:04 - 2015-05-18 19:04 - 00000945 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {138DC8C1-9376-4B23-B6AD-BB2F375DE385}.job
2015-08-13 20:04 - 2015-05-18 19:04 - 00000759 _____ C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {138DC8C1-9376-4B23-B6AD-BB2F375DE385}.job
2015-08-13 20:04 - 2015-04-11 16:43 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Nitro PDF
2015-08-13 20:02 - 2015-04-03 15:40 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-13 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-13 19:35 - 2015-06-12 22:25 - 00001266 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001UA.job
2015-08-13 17:34 - 2015-04-13 22:26 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-13 14:47 - 2015-04-03 17:52 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{27C6D7FB-4289-49E3-A0CE-D5E22103A395}
2015-08-13 13:35 - 2015-06-12 22:25 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001Core.job
2015-08-13 11:28 - 2015-04-03 15:41 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3557826585-2545589941-765533996-1001
2015-08-13 10:43 - 2015-04-03 16:19 - 00000000 ____D C:\Users\Christian\AppData\Roaming\ClassicShell
2015-08-13 10:42 - 2015-04-03 16:26 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AgileBits
2015-08-13 10:24 - 2015-04-03 16:24 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Dropbox
2015-08-13 10:24 - 2015-04-03 15:40 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-13 10:05 - 2014-09-24 08:16 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-13 10:05 - 2014-09-24 07:43 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-08-13 10:05 - 2014-09-24 07:43 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-08-13 10:01 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-13 09:38 - 2015-06-14 17:44 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2015-08-13 09:36 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-13 08:22 - 2015-05-28 20:28 - 00000000 ____D C:\Users\Christian\AppData\Local\Adobe
2015-08-13 00:02 - 2015-04-13 23:44 - 00000600 _____ C:\Users\Christian\AppData\Roaming\winscp.rnd
2015-08-12 20:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-12 18:29 - 2015-05-25 11:16 - 00000000 ____D C:\Users\Christian\AppData\Local\Greenshot
2015-08-12 17:06 - 2015-05-05 18:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-08-12 14:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-11 23:19 - 2015-04-03 15:40 - 00000000 ____D C:\Users\Christian\AppData\Local\Google
2015-08-11 23:19 - 2015-04-03 15:40 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-11 23:03 - 2015-04-03 15:36 - 00000000 ____D C:\Users\Christian
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-11 21:36 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-11 21:34 - 2015-04-03 15:57 - 00000000 ____D C:\Windows\system32\MRT
2015-08-11 21:34 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-11 21:31 - 2015-04-03 15:57 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-11 21:30 - 2015-04-03 16:39 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-11 21:30 - 2014-09-24 09:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-11 20:45 - 2015-04-03 15:36 - 00000000 ____D C:\Users\Christian\AppData\Local\VirtualStore
2015-08-10 12:39 - 2015-04-03 15:42 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-10 11:50 - 2015-04-03 23:30 - 00000000 ____D C:\Users\Christian\Desktop\Sortieren
2015-08-10 11:22 - 2015-04-03 15:41 - 00000000 ____D C:\AMD
2015-08-09 22:47 - 2015-04-04 22:27 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2015-08-08 15:55 - 2014-09-24 09:43 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-09-24 09:43 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 19:37 - 2015-04-03 15:36 - 00000000 ____D C:\Users\Christian\AppData\Local\Packages
2015-08-03 00:20 - 2015-04-03 18:00 - 00000000 ____D C:\ProgramData\Origin
2015-08-02 16:22 - 2015-05-16 17:11 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-08-02 16:03 - 2013-03-31 17:20 - 00001371 _____ C:\Users\Christian\Desktop\Systemwiederherstellung.lnk
2015-08-02 11:01 - 2015-05-16 17:11 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-08-01 12:22 - 2015-04-03 15:44 - 00000000 ____D C:\Program Files (x86)\Razer
2015-07-30 18:36 - 2015-04-03 16:22 - 00000000 ____D C:\Program Files (x86)\1Password 4
2015-07-29 05:42 - 2015-03-19 06:15 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-07-29 05:42 - 2015-03-19 06:15 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-07-29 05:42 - 2014-07-21 22:04 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-07-29 05:42 - 2014-07-21 22:04 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-07-29 05:41 - 2014-07-21 22:04 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-07-29 05:41 - 2014-07-21 22:04 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-07-29 05:41 - 2014-07-21 22:04 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-07-29 05:40 - 2015-03-19 06:14 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-07-29 05:40 - 2014-07-21 22:04 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-07-29 05:40 - 2014-07-21 22:04 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-07-29 05:39 - 2015-03-19 06:14 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-07-29 05:39 - 2015-03-19 06:14 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-07-29 04:26 - 2015-03-19 04:04 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-07-29 04:22 - 2015-03-19 03:40 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-07-29 04:17 - 2015-06-23 03:21 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-07-28 22:07 - 2015-04-03 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-28 21:05 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT
2015-07-28 21:00 - 2015-04-03 16:31 - 00000000 ____D C:\Windows\Panther
2015-07-25 13:39 - 2015-05-16 22:38 - 00000000 ____D C:\Program Files\CCleaner
2015-07-25 13:37 - 2015-04-03 16:44 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 07:54 - 2015-05-17 13:55 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-21 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-07-21 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\MUI
2015-07-19 13:30 - 2015-06-12 22:25 - 00004220 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001UA
2015-07-19 13:30 - 2015-06-12 22:25 - 00003840 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3557826585-2545589941-765533996-1001Core
2015-07-17 19:38 - 2015-04-03 16:44 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 20:57 - 2015-04-03 15:40 - 00004116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 20:57 - 2015-04-03 15:40 - 00003880 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 23:38 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 23:38 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 23:38 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-13 23:44 - 2015-08-13 00:02 - 0000600 _____ () C:\Users\Christian\AppData\Roaming\winscp.rnd
2015-04-12 00:45 - 2015-06-16 23:24 - 0000600 _____ () C:\Users\Christian\AppData\Local\PUTTY.RND

Einige Dateien in TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiy6m6l.dll
C:\Users\Christian\AppData\Local\Temp\Quarantine.exe
C:\Users\Christian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-06 19:19

==================== Ende von Ergebnis ============================
         

Alt 14.08.2015, 16:01   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Standard

Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus




Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.


Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus
appdata, autostart, bot, browser, bytes, code, csrss.exe, erkannt, eset, file, gmer, google, harddisk, internet, malwarebytes, not, roaming, scan, security, surfen, system, system32, temp, websites, windows, windows 8.1 64bit




Ähnliche Themen: Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus


  1. Windows 7 home 64bit: Schädlingsbefall durch Techgile Virus. Werbung in Browser.
    Log-Analyse und Auswertung - 25.02.2015 (11)
  2. Windows 7 (64bit): Werbung / Popups im Browser. "Hold Page" und mehr?
    Log-Analyse und Auswertung - 19.02.2015 (26)
  3. Windows 7 64bit - Kaspersky meldet immer eine Bedrohung: not-a-virus:WebToolbar.Win32.Perinet.d
    Plagegeister aller Art und deren Bekämpfung - 17.02.2015 (9)
  4. Win 7 Home Premium 64bit: Audiostream ohne entsprechend geöffnetes Fenster (Browser: Chrome)
    Log-Analyse und Auswertung - 21.10.2014 (16)
  5. Win7-64Bit - Browser, Netzwerkeinstellungen, Proxy wird immer automatisch aktiviert 127.0.0.1:49273
    Log-Analyse und Auswertung - 21.09.2014 (12)
  6. Windows 7 (x64): ungewohntes Browser verhalten, instabile Verbindungen (Browser und Wlan)
    Log-Analyse und Auswertung - 20.09.2014 (9)
  7. Plötzlich viel Werbung im Browser Bräuchte mal rat Windows 7 64bit
    Plagegeister aller Art und deren Bekämpfung - 20.05.2014 (21)
  8. Windows 7 64bit BKA Browser Trojaner
    Log-Analyse und Auswertung - 18.01.2014 (5)
  9. Im Firefox unter Windows 7, 64bit bekomme ich plötzlich Werbung im Browser (Links und rechts flackernde Anzeigen, pp. und Popups.
    Plagegeister aller Art und deren Bekämpfung - 05.01.2014 (51)
  10. Windows 7 Ultimate 64bit: Ihr Browser hat gesperrt...Paysafe usw.
    Log-Analyse und Auswertung - 25.10.2013 (9)
  11. Win7 64bit blau unterstrichene Wörter mit Weiterleitung auf Werbung im Browser Chrome
    Log-Analyse und Auswertung - 16.10.2013 (7)
  12. Windows 7 (64bit): Unregelmäßiges auftauchen weißer PopUp´s im Browser
    Log-Analyse und Auswertung - 16.09.2013 (7)
  13. Windows 7, 64bit: plötzlich Werbung im Browser (Links und flackernde Anzeigen, pp.) und Popups
    Log-Analyse und Auswertung - 14.09.2013 (9)
  14. Gema.exe - Windows 7 64bit Brauche eine Schritt-für-Schritt-Anleitung
    Plagegeister aller Art und deren Bekämpfung - 21.03.2012 (1)
  15. Log spuckt für mich unverständliche Trojaner aus...
    Log-Analyse und Auswertung - 21.04.2010 (1)
  16. Google spuckt richtige suchergebnisse mit falschen links aus
    Plagegeister aller Art und deren Bekämpfung - 05.02.2009 (5)
  17. eScan log... windows spuckt immer fehler
    Plagegeister aller Art und deren Bekämpfung - 10.09.2007 (17)

Zum Thema Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus - Guten Tag, vorhin hatte sich meine Geschwindigkeit beim surfen rapide verlangsamt. Ich bekam im Browser eine IPv4 Meldung von Google, welches auf "viele Zugriffe" aus dem Netz hinweisen wollte. Als - Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus...
Archiv
Du betrachtest: Windows 8.1 64bit - Browser spuckt mir eine IP aus Chile aus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.