mbam findet PUP OpenCandyHelperRun

ulrika7 · 11.09.2015, 07:41

Hallo Schrauber,

hier die Logfiles mit den Funden und schöne Grüße

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b76bf5eaa8eef444bca942ca4fd5a732
# end=init
# utc_time=2015-09-10 06:33:49
# local_time=2015-09-10 08:33:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25702
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b76bf5eaa8eef444bca942ca4fd5a732
# end=updated
# utc_time=2015-09-10 06:40:40
# local_time=2015-09-10 08:40:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b76bf5eaa8eef444bca942ca4fd5a732
# engine=25702
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-11 01:28:37
# local_time=2015-09-11 03:28:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 200811 206355407 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 103921 193566108 0 0
# scanned=742921
# found=6
# cleaned=0
# scan_time=24476
sh=2C500E830D0ED0316CC970ACBCA1FFB0C02F11F0 ft=1 fh=191935c83e0a5011 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-289800921-2288194260-3485654390-1000\$RWM52RN.exe"
sh=C8E520C3F7116F43691CCE50B942ECEB140C706C ft=1 fh=8a8ff7b6125ebe1b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\Program Files\FreeAudioDub_1.6.exe"
sh=0CE48DA603A5E7431002CE4ACA1F1546C5D6579E ft=1 fh=a7cab65addc4a365 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\Program Files\FreeYouTubeToMP3Converter32.exe"
sh=4FF97B281BC64D991DD01DAD2A67C5F0831535DB ft=1 fh=048fe3b80b0ef2b0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\Program Files\Common Files\DVDVideoSoft\TB\DVDVideoSoft.exe"
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\Program Files\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe"
sh=6F3A3B433459E6773C9FBE8CFB154DB6534EFA86 ft=1 fh=60bff0ff01dbe663 vn="Variante von Win32/InstallCore.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\Program Files\FoxTabVideoConverter\VideoConverter.exe"

Code:

ATTFilter

 Results of screen317's Security Check version 1.008  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 WinPatrol 
 Adobe Flash Player 	18.0.0.232  
 Mozilla Firefox (40.0.3) 
````````Process Check: objlist.exe by Laurent````````  
 WinPatrol winpatrol.exe 
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

[CODE]ï»¿
FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:10-09-2015 01
durchgefÃ¼hrt von ulrike (Administrator) auf ULRIKE-PC (11-09-2015 08:35:36)
Gestartet von C:\Users\ulrike\Desktop\2015-09-09_trojanerboard
Geladene Profile: ulrike (VerfÃ¼gbare Profile: ulrike & Bossle)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung fÃ¼r Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\stacsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Smith Micro Software, Inc.) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
() C:\Program Files\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Nalpeiron Ltd.) C:\Windows\System32\NlsSrv32.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\T-Mobile\InternetManager_A\Background\ModemListener.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Flux Software LLC) C:\Users\ulrike\AppData\Local\FluxSoftware\Flux\flux.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Broadcom Corporation) C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
(Hewlett-Packard Co.) C:\Users\ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(brother) C:\Program Files\Brownie\BrStsWnd.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [488816 2011-01-04] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-08-01] (IDT, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [DellControlPoint] => c:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [656384 2009-06-11] (Dell Inc.)
HKLM\...\Run: [IntelliType Pro] => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1093232 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [1668720 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software)
HKLM\...\Run: [T-Mobile ModemListener] => C:\Program Files\T-Mobile\InternetManager_A\Background\ModemListener.exe [114040 2013-01-11] ()
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-289800921-2288194260-3485654390-1000\...\Run: [F.lux] => C:\Users\ulrike\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-289800921-2288194260-3485654390-1000\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [456768 2013-10-19] (BillP Studios)
HKU\S-1-5-21-289800921-2288194260-3485654390-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-289800921-2288194260-3485654390-1000\...\Run: [Dropbox Update] => C:\Users\ulrike\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-27] (Dropbox, Inc.)
Lsa: [Authentication Packages] msv1_0 wvauth
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-08-14] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll [2009-06-11] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll [2009-06-11] (Wave Systems Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-10-08]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-03-23]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe [2013-03-26] (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurÃ¼ckgesetzt, wenn es sich um einen Registryeintrag handelt..)

Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4838C857-13A8-44CD-B18C-0C7F3A5EE3D9}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{5CA3CDE8-FDFB-4060-9543-2A97E2296E12}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6A29D2DF-4ED9-4558-9A3C-8468D7C85B2E}: [NameServer] 192.168.2.1
Tcpip\..\Interfaces\{A3431382-C05A-4CA7-BA9A-DDEE99971A05}: [DhcpNameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{CED2D26B-6B69-47CB-99D9-D7B01CC92639}: [DhcpNameServer] 10.74.210.210 10.74.210.211

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-289800921-2288194260-3485654390-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-289800921-2288194260-3485654390-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/?gws_rd=ssl
SearchScopes: HKLM -> {F6F76182-93ED-499D-9491-EEFAEC99A3BC} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-289800921-2288194260-3485654390-1000 -> DefaultScope {143232E0-3E23-4C23-BD8B-F17261556A88} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-289800921-2288194260-3485654390-1000 -> {143232E0-3E23-4C23-BD8B-F17261556A88} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.)
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///D:/viewer/ORDcmViewCD.ocx
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583
FF DefaultSearchUrl: hxxps://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: hxxps://www.google.de
FF Keyword.URL: hxxps://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-289800921-2288194260-3485654390-1000: @citrixonline.com/appdetectorplugin -> C:\Users\ulrike\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-01-05] (Citrix Online)
FF Plugin HKU\S-1-5-21-289800921-2288194260-3485654390-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-10-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-03-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-03-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-03-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-03-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-03-16] (Apple Inc.)
FF SearchPlugin: C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\searchplugins\google-images.xml [2015-02-03]
FF SearchPlugin: C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\searchplugins\google-maps.xml [2015-02-03]
FF SearchPlugin: C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\searchplugins\yahoo-avast.xml [2015-01-18]
FF Extension: YouTube Unblocker - C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\Extensions\youtubeunblocker@unblocker.yt [2015-06-18]
FF Extension: WOT - C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: Cliqz - C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\Extensions\cliqz@cliqz.com.xpi [2015-05-16]
FF Extension: ProxTube - Unblock YouTube - C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\Extensions\ich@maltegoetz.de.xpi [2015-01-17]
FF Extension: NoScript - C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-17]
FF Extension: Adblock Plus - C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-17]
FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\extensions\adblocker@avast.com.xpi [2015-08-30]
FF Extension: Kein Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-30]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-13]
FF HKU\S-1-5-21-289800921-2288194260-3485654390-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-289800921-2288194260-3485654390-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\ulrike\AppData\Roaming\Mozilla\Firefox\Profiles\g6h2vff8.default-1421485351583\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cljghnkcnkhedlnhdgbcbefjoapionoc] - C:\Users\ulrike\AppData\Local\eToolKit\Beemp3.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [dnlhamhiejpiajljicfphhpiahoojipl] - C:\Users\ulrike\AppData\Local\eToolKit\FacebookShare.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [dpmoonohndgmmnlcnjajheaahmnjlbmj] - C:\Users\ulrike\AppData\Local\eToolKit\FacebookStatus.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [eelchhiiipbeleiimmhpdfbagkcjdmdm] - C:\Users\ulrike\AppData\Local\eToolKit\FacebookChat.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [fppahmlkambbejgkiidklamcmhealjag] - C:\Users\ulrike\AppData\Local\eToolKit\FacebookLike.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]
CHR HKLM\...\Chrome\Extension: [jchankggehakkafdlalgmfbodgfilnbg] - C:\Users\ulrike\AppData\Local\eToolKit\FacebookMain.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [jedcimnjemkbmkkngncfgfpjgfcapimk] - C:\Users\ulrike\AppData\Local\eToolKit\Extmanager.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path\update_url>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor7.0; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312 2008-09-16] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-14] (AVAST Software)
R2 buttonsvc32; C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe [293968 2009-04-27] (Dell Inc.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [812392 2009-06-26] (Broadcom Corporation)
R2 Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [26984 2009-06-26] (Broadcom Corporation)
R2 dcpsysmgrsvc; c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [382752 2009-07-16] (Dell Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2010-02-03] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [660992 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Modem Device Helper; C:\Program Files\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [51576 2013-01-11] () [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 nlsX86cc; C:\Windows\system32\NlsSrv32.exe [61440 2009-06-07] (Nalpeiron Ltd.) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1019904 2009-06-03] (Wave Systems Corp.) [Datei ist nicht signiert]
R2 SMManager; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [76288 2009-10-05] (Smith Micro Software, Inc.) [Datei ist nicht signiert]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\STacSV.exe [221266 2009-08-01] (IDT, Inc.)
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] () [Datei ist nicht signiert]
R2 TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [1622016 2009-06-11] (Wave Systems Corp.) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-14] (Microsoft Corporation)
S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [134144 2013-01-11] (TCT International Mobile Ltd.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [19968 2013-01-11] (Windows (R) Codename Longhorn DDK provider)
R3 ASAPIW2K; C:\Windows\System32\Drivers\ASAPIW2K.sys [11264 2003-11-28] (Pinnacle Systems GmbH) [Datei ist nicht signiert]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-08-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-08-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-08-14] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-08-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-08-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-08-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-08-14] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-08-14] (AVAST Software)
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [33832 2009-06-26] (Broadcom Corporation)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [107904 2013-01-11] (TCT International Mobile Ltd.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28944 2008-02-29] (Logitech, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R3 OA001Ufd; C:\Windows\System32\DRIVERS\OA001Ufd.sys [144672 2008-06-03] (Creative Technology Ltd.)
R3 OA001Vid; C:\Windows\System32\DRIVERS\OA001Vid.sys [277440 2008-09-18] (Creative Technology Ltd.)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
S3 risdpcie; C:\Windows\system32\DRIVERS\risdpe86.sys [49152 2009-07-01] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38400 2009-07-05] (REDC)
S1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [45240 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [441608 2011-11-17] (Paragon)
S1 Uim_Vim; C:\Windows\System32\Drivers\Uim_Vim.sys [277576 2011-11-17] (Paragon)
R2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [200192 2009-07-27] (Wave Systems Corp.) [Datei ist nicht signiert]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 catchme; \??\C:\Users\ulrike\AppData\Local\Temp\catchme.sys [X]
S3 CtAudDrv; \??\C:\Windows\system32\Drivers\CtAudDrv.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
S3 NvtSp50; System32\Drivers\NvtSp50.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-11 08:33 - 2015-09-11 08:33 - 00000785 _____ C:\Users\ulrike\Desktop\checkup.txt
2015-09-11 08:18 - 2015-09-11 08:18 - 00852704 _____ C:\Users\ulrike\Desktop\SecurityCheck.exe
2015-09-10 20:29 - 2015-09-10 20:29 - 02870984 _____ (ESET) C:\Users\ulrike\Desktop\esetsmartinstaller_deu.exe
2015-09-09 19:09 - 2015-09-11 08:35 - 00000000 ____D C:\FRST
2015-09-09 19:06 - 2015-09-11 08:33 - 00000000 ____D C:\Users\ulrike\Desktop\2015-09-09_trojanerboard
2015-09-09 19:06 - 2015-09-09 19:06 - 00000000 _____ C:\Users\ulrike\defogger_reenable
2015-09-09 09:28 - 2015-09-09 20:13 - 00001536 _____ C:\Users\ulrike\Desktop\2015-09-09_bedrohungen_mwb.txt
2015-09-09 09:03 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 09:03 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 09:03 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 09:03 - 2015-08-15 07:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:03 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 09:03 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 09:03 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 09:03 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:03 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:03 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 09:03 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 09:03 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 09:03 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 09:03 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 09:03 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 09:03 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 09:03 - 2015-08-15 07:29 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:03 - 2015-08-15 07:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:03 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 09:03 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:03 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 09:03 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 09:03 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 09:03 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 09:03 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 09:03 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 09:03 - 2015-08-15 07:02 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 09:03 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 09:03 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:03 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 09:03 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 09:03 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 08:59 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 08:58 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 08:58 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 08:58 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 08:58 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 08:56 - 2015-08-05 19:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 08:56 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 08:56 - 2015-08-04 19:47 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 08:56 - 2015-08-04 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 08:55 - 2015-08-04 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 08:55 - 2015-08-04 19:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 08:55 - 2015-08-04 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 08:54 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 08:54 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 08:54 - 2015-09-02 04:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 08:54 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 08:54 - 2015-09-02 03:36 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 08:54 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 08:54 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-09-09 08:54 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 08:54 - 2015-07-22 19:57 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 08:54 - 2015-07-22 19:57 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 08:54 - 2015-07-22 19:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 08:54 - 2015-07-22 19:53 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 08:54 - 2015-07-22 19:52 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 08:54 - 2015-07-22 19:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 08:54 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 08:54 - 2015-07-22 19:52 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 08:54 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 08:54 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 08:54 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 08:54 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 08:54 - 2015-07-22 18:38 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 08:54 - 2015-07-22 18:34 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 08:54 - 2015-07-22 18:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 08:54 - 2015-07-22 18:33 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 08:53 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 08:53 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 08:48 - 2015-06-25 11:48 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 08:48 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 08:48 - 2015-06-25 11:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 08:47 - 2015-08-26 19:56 - 02953728 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 08:47 - 2015-08-26 19:56 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 08:47 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 08:47 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 08:47 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 08:47 - 2015-08-26 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 08:47 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 08:47 - 2015-08-26 19:55 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 08:47 - 2015-08-26 19:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 08:47 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 08:47 - 2015-08-26 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 08:47 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 08:30 - 2015-09-09 08:31 - 00000000 ____D C:\Users\ulrike\Desktop\2015-09_videos_julius
2015-09-03 09:51 - 2015-09-03 09:51 - 00000000 ____D C:\Users\ulrike\Documents\MAGIX Speed
2015-09-03 09:35 - 2015-09-03 09:35 - 00000000 ____D C:\Users\ulrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-30 21:47 - 2015-08-31 09:40 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-08-27 12:20 - 2015-09-07 22:16 - 00000000 ____D C:\Users\ulrike\AppData\Roaming\vlc
2015-08-25 21:28 - 2015-09-03 10:08 - 00000000 ____D C:\Users\ulrike\Documents\MP3-DJ
2015-08-25 21:27 - 2015-08-25 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3-DJ
2015-08-25 21:27 - 2015-08-25 21:27 - 00000000 ____D C:\Program Files\MP3-DJ
2015-08-25 21:27 - 2012-03-11 20:48 - 00550912 _____ (Stefan Toengi) C:\Windows\system32\AudioGenie3.dll
2015-08-25 21:27 - 2011-11-07 22:00 - 00753729 _____ () C:\Windows\system32\ExTvw.ocx
2015-08-25 21:27 - 2010-08-01 14:19 - 00033792 _____ C:\Windows\system32\BCTKnob.ocx
2015-08-25 21:27 - 2010-02-25 14:35 - 00373248 _____ (Tools & Components) C:\Windows\system32\sevDataGrid2.ocx
2015-08-25 21:27 - 2009-09-10 14:17 - 00466592 _____ (Namtuk.com) C:\Windows\system32\MyCommandButton.ocx
2015-08-25 21:27 - 2007-07-02 10:29 - 00212992 _____ (audiocdtools.com) C:\Windows\system32\AudioDataBurnerOCX.ocx
2015-08-25 21:27 - 2006-09-04 15:24 - 00246304 _____ (Namtuk.com) C:\Windows\system32\MyFramePanel.ocx
2015-08-25 21:27 - 2004-03-08 23:00 - 00124688 _____ (Microsoft Corporation) C:\Windows\system32\MSWINSCK.OCX
2015-08-25 21:27 - 2003-02-10 10:25 - 00026647 _____ (Microsoft Corporation) C:\Windows\system32\hh.exe
2015-08-25 21:27 - 2002-08-29 13:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\system32\msvbvm50.dll
2015-08-25 21:27 - 2001-04-20 18:29 - 00060028 _____ C:\Windows\system32\Win32.tlb
2015-08-25 21:27 - 1999-05-06 23:00 - 00198640 _____ (Microsoft Corporation) C:\Windows\system32\MCI32.OCX
2015-08-25 21:27 - 1998-07-05 23:00 - 00035328 _____ (Apex Software Corporation) C:\Windows\system32\DBGRDDE.DLL
2015-08-25 21:27 - 1998-07-05 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\CMDLGDE.DLL
2015-08-25 21:27 - 1998-06-23 23:00 - 00525352 _____ (Microsoft Corporation) C:\Windows\system32\DBGRID32.OCX
2015-08-25 21:27 - 1998-06-17 23:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\system32\VB5DB.DLL
2015-08-19 11:43 - 2015-08-21 21:14 - 00000000 ____D C:\Users\ulrike\Desktop\2015-08-soca
2015-08-18 11:41 - 2015-09-10 23:02 - 00000000 ____D C:\Users\ulrike\Desktop\frau_bub
2015-08-18 11:41 - 2015-09-07 21:34 - 00000000 ____D C:\Users\ulrike\Desktop\kontakte
2015-08-18 11:41 - 2015-08-18 11:42 - 00000000 ____D C:\Users\ulrike\Desktop\lieder_baby
2015-08-18 11:41 - 2015-08-18 11:42 - 00000000 ____D C:\Users\ulrike\Desktop\fotos_handy
2015-08-18 11:41 - 2015-08-18 11:41 - 00000000 ____D C:\Users\ulrike\Desktop\tg_hoechberg
2015-08-18 11:40 - 2015-09-09 08:36 - 00000000 ____D C:\Users\ulrike\Desktop\dharma
2015-08-18 11:40 - 2015-09-09 08:34 - 00000000 ____D C:\Users\ulrike\Desktop\auto
2015-08-14 08:32 - 2015-08-14 08:32 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-14 08:32 - 2015-08-14 08:32 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-12 12:00 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:55 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 11:55 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 11:55 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 11:55 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 11:55 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 11:55 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 11:55 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 11:55 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 11:55 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 11:55 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 11:55 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 11:55 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 11:54 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 11:54 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 11:54 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 11:54 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 11:54 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 11:54 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 11:54 - 2015-07-16 17:14 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 11:54 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 11:54 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 11:54 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 11:53 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 11:53 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 11:52 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll

==================== Ein Monat: GeÃ¤nderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-11 08:35 - 2014-02-02 19:23 - 00000568 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-289800921-2288194260-3485654390-1000.job
2015-09-11 08:31 - 2015-06-27 21:21 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-289800921-2288194260-3485654390-1000UA.job
2015-09-11 08:27 - 2014-04-24 22:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-11 08:06 - 2009-07-14 06:55 - 01223879 _____ C:\Windows\WindowsUpdate.log
2015-09-11 07:45 - 2010-02-01 00:27 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-11 07:21 - 2015-06-01 22:07 - 00000664 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-289800921-2288194260-3485654390-1000.job
2015-09-11 04:26 - 2009-07-14 06:34 - 00025424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-11 04:26 - 2009-07-14 06:34 - 00025424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-10 23:00 - 2011-03-23 21:29 - 00000248 _____ C:\Windows\Brownie.ini
2015-09-10 20:28 - 2010-01-22 15:42 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-10 20:25 - 2010-02-17 18:49 - 00000000 ____D C:\Users\ulrike\AppData\Roaming\Skype
2015-09-10 19:54 - 2010-02-01 00:27 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-10 19:53 - 2013-03-22 17:57 - 00200066 _____ C:\Windows\setupact.log
2015-09-10 19:53 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-10 08:55 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-09 23:31 - 2015-03-16 11:24 - 00000000 ____D C:\AdwCleaner
2015-09-09 22:39 - 2012-06-27 18:07 - 00000000 ____D C:\Users\ulrike\AppData\Roaming\Yahoo!
2015-09-09 20:37 - 2015-06-26 21:35 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-09 19:06 - 2010-01-28 10:33 - 00000000 ____D C:\Users\ulrike
2015-09-09 15:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-09-09 15:04 - 2009-07-14 06:33 - 00491000 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 15:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-09-09 10:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-09 10:00 - 2013-02-22 11:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 09:53 - 2013-08-14 22:22 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 08:23 - 2015-06-26 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-09 08:23 - 2015-04-01 20:14 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-09-07 20:41 - 2012-09-17 09:32 - 00000000 ____D C:\Users\ulrike\AppData\Roaming\F4
2015-09-07 11:31 - 2015-06-27 21:21 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-289800921-2288194260-3485654390-1000Core.job
2015-09-06 23:16 - 2010-05-04 22:19 - 00000000 ____D C:\Users\ulrike\AppData\Roaming\Audacity
2015-09-06 19:06 - 2015-04-30 21:38 - 00000000 ____D C:\Users\ulrike\Documents\MAGIX_Audio_Cleaning_Lab_16_deluxe
2015-09-04 21:28 - 2010-01-28 10:34 - 00135392 _____ C:\Users\ulrike\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-04 21:16 - 2011-01-14 09:08 - 00000000 ___RD C:\Users\ulrike\Dropbox
2015-09-04 20:42 - 2013-03-15 10:02 - 00000000 ____D C:\Users\ulrike\AppData\Roaming\Dropbox
2015-09-04 19:21 - 2015-01-02 22:01 - 00029148 _____ C:\Users\ulrike\Desktop\EINNAHMEN_AUSGABEN.ods
2015-09-01 21:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-08-31 09:40 - 2014-02-11 11:54 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-31 09:40 - 2013-03-22 17:56 - 00463236 _____ C:\Windows\PFRO.log
2015-08-26 18:36 - 2010-01-28 11:40 - 132039072 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-25 14:44 - 2011-11-09 21:30 - 00000000 ____D C:\Program Files\CDBurnerXP
2015-08-25 09:55 - 2011-11-09 21:30 - 00001807 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-08-16 11:29 - 2014-02-11 11:55 - 00001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-14 08:32 - 2014-08-14 23:20 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-14 08:32 - 2013-12-24 11:09 - 00113592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-14 08:32 - 2013-03-13 18:59 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-14 08:32 - 2013-03-13 18:59 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-14 08:32 - 2013-03-13 18:59 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-14 08:32 - 2013-03-13 18:59 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-14 08:32 - 2013-03-13 18:59 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-14 08:31 - 2013-03-13 18:59 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-08-12 14:22 - 2014-12-10 18:18 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 14:22 - 2014-05-06 23:21 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 14:22 - 2009-07-14 10:47 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2015-08-12 11:27 - 2014-04-24 22:52 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-12 11:27 - 2014-04-24 22:52 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-02-09 19:12 - 2010-02-09 19:12 - 0009523 _____ () C:\Program Files\DellDriverDownloadManager.application
2011-01-14 09:03 - 2011-01-14 09:04 - 14715008 _____ (Dropbox, Inc.) C:\Program Files\Dropbox 1.0.10.exe
2011-11-14 22:04 - 2011-11-14 22:05 - 1258692 _____ (DVD Shrink                                                  ) C:\Program Files\dvdshrink.3.2.de._decss-frei_.setup.exe
2011-11-14 22:04 - 2011-11-14 22:04 - 1258692 _____ (DVD Shrink                                                  ) C:\Program Files\dvdshrink.3.2.de._decss-frei_.setup.exe.part
2010-02-17 18:41 - 2010-04-02 19:23 - 0685568 _____ () C:\Program Files\DVSUninstall.exe
2013-03-14 22:13 - 2013-03-14 22:13 - 2347384 _____ (ESET) C:\Program Files\esetsmartinstaller_enu.exe
2010-03-15 23:48 - 2010-03-15 23:48 - 0977552 _____ (NCH Software) C:\Program Files\essetup.exe
2010-01-30 13:29 - 2010-01-30 13:30 - 18965012 _____ () C:\Program Files\f4-v31.exe
2010-02-19 17:32 - 2010-02-19 17:32 - 25154803 _____ () C:\Program Files\f4-v4-pc.zip
2011-12-08 21:51 - 2011-12-08 21:52 - 14597312 _____ (Mozilla) C:\Program Files\Firefox Setup 8.0.1.exe
2010-05-08 09:59 - 2010-03-31 20:54 - 2003968 _____ (DVDVideoSoft Limited.) C:\Program Files\FreeAudioDub.exe
2010-04-21 19:39 - 2010-04-21 19:40 - 18234256 _____ (                                                            ) C:\Program Files\gimp-2.6.8-i686-setup.exe
2010-04-21 22:09 - 2010-04-21 22:09 - 0562848 _____ (Google Inc.) C:\Program Files\GoogleEarthSetup.exe
2010-04-20 21:09 - 2010-04-20 21:09 - 10315456 _____ () C:\Program Files\GoogleEarthWin.exe
2010-02-01 00:27 - 2010-02-01 00:27 - 0564064 _____ (Google Inc.) C:\Program Files\googleupdatesetup.exe
2015-07-16 16:35 - 2015-07-16 16:35 - 6420480 _____ () C:\Program Files\GUT1371.tmp
2010-02-02 00:14 - 2010-02-02 00:14 - 1924200 _____ (Adobe Systems Incorporated) C:\Program Files\install_flash_player.exe
2010-02-04 17:02 - 2010-02-04 17:02 - 16488224 _____ (Sun Microsystems, Inc.) C:\Program Files\jre-6u18-windows-i586-s.exe
2010-05-07 22:30 - 2010-05-07 22:30 - 0212713 _____ () C:\Program Files\mp3DC211.exe
2010-05-10 16:38 - 2010-05-10 16:38 - 13868427 _____ () C:\Program Files\NAVIGON_Fresh_setup.exe
2013-11-26 17:55 - 2013-11-26 17:55 - 0534744 _____ () C:\Program Files\noscript-2.6.8.5.xpi
2010-01-28 17:12 - 2010-01-28 17:12 - 149845064 _____ () C:\Program Files\OOo_3.1.1_Win32Intel_install_de.exe
2010-03-01 22:22 - 2010-03-01 22:25 - 152882016 _____ () C:\Program Files\OOo_3.2.0_Win32Intel_install_de.exe
2010-02-16 23:23 - 2010-02-16 23:27 - 167555440 _____ () C:\Program Files\OOo_3.2.0_Win32Intel_install_wJRE_de(2).exe
2012-04-19 09:08 - 2012-04-19 09:08 - 141590843 _____ () C:\Program Files\openofficeorg1.cab
2012-04-19 08:59 - 2012-04-19 08:59 - 3125248 _____ () C:\Program Files\openofficeorg34.msi
2015-02-03 19:02 - 2015-02-03 19:11 - 116212736 _____ () C:\Program Files\Paragon-183-FRG_WinInstallSNU_10.0.17.13908_000(1).msi
2011-02-12 14:17 - 2011-02-12 14:17 - 17642464 _____ (pdfforge GbR) C:\Program Files\PDFCreator-1_2_0_setup.exe
2010-01-30 13:31 - 2010-01-30 13:32 - 32494896 _____ (Apple Inc.) C:\Program Files\QuickTimeInstaller.exe
2012-04-19 08:59 - 2012-04-19 08:59 - 0473600 _____ () C:\Program Files\setup.exe
2012-04-19 08:59 - 2012-04-19 08:59 - 0000290 _____ () C:\Program Files\setup.ini
2010-02-17 18:46 - 2010-02-17 18:47 - 22240040 _____ (Skype Technologies S.A.) C:\Program Files\SkypeSetupFull179.exe
2011-11-04 13:46 - 2011-11-04 13:46 - 0733184 _____ (www.rene-zeidler.de) C:\Program Files\Snipping Tool Plus.exe
2010-02-01 21:44 - 2010-02-01 21:44 - 3211616 _____ (Ghisler Software GmbH) C:\Program Files\tcmd750a.exe
2010-02-01 23:42 - 2010-02-01 23:43 - 8840816 _____ (Mozilla) C:\Program Files\Thunderbird_Setup_3.0.1.exe
2010-01-30 12:11 - 2010-01-30 12:11 - 1167688 _____ (Microsoft Corporation) C:\Program Files\wlsetup-custom.exe
2010-06-24 22:44 - 2010-06-24 22:44 - 0568472 _____ (NCH Software) C:\Program Files\wpsetup.exe
2010-02-08 21:13 - 2010-12-08 09:05 - 0150836 _____ () C:\Users\ulrike\AppData\Roaming\mdbu.bin
2010-02-09 19:35 - 2013-07-19 16:31 - 0003584 _____ () C:\Users\ulrike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-20 16:04 - 2014-10-26 18:02 - 0000058 _____ () C:\Users\ulrike\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2014-09-28 18:22 - 2014-09-28 18:22 - 0003959 _____ () C:\Users\ulrike\AppData\Local\recently-used.xbel
2010-02-22 23:36 - 2010-02-22 23:36 - 0000017 _____ () C:\Users\ulrike\AppData\Local\resmon.resmoncfg
2010-01-28 10:34 - 2010-02-05 09:42 - 0000000 _____ () C:\Users\ulrike\AppData\Local\WavXMapDrive.bat
2011-01-22 00:06 - 2012-08-24 09:49 - 0017408 _____ () C:\Users\ulrike\AppData\Local\WebpageIcons.db
2011-07-05 13:32 - 2011-07-05 13:32 - 0000000 _____ () C:\Users\ulrike\AppData\Local\{EDD1366B-75CE-429C-A470-C05A561E102D}
2011-02-02 23:40 - 2013-05-14 23:39 - 0000040 ___SH () C:\ProgramData\.zreglib
2010-02-17 18:51 - 2010-02-17 18:51 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-06-27 17:58 - 2012-08-15 21:02 - 0003338 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\ulrike\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnjo2sq.dll
C:\Users\ulrike\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpogr7xj.dll
C:\Users\ulrike\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix fÃ¼r Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-11 03:50

==================== Ende vom FRST.txt ============================

--- --- ---

mbam findet PUP OpenCandyHelperRun

Log-Analyse und Auswertung: mbam findet PUP OpenCandyHelperRun

mbam findet PUP OpenCandyHelperRun

Ähnliche Themen: mbam findet PUP OpenCandyHelperRun