| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Fehlklick bei ww1.virus-total. de eeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
| |
22.10.2015, 20:57
| #1 |
 |  Fehlklick bei ww1.virus-total. de ee Moin Moin. Da will ich eine exe prüfen und vertipp mich. Dann nicht richtig hingeguckt und auf den sehr kontrastarmen link gedrückt.    Nun folgende Beobachtungen: Gleich darauf fing das INet an zu zicken. Langsame, ruckelige bis unmögliche Videos auf Youtube, Inet-Radio ständig mit Verbindungsabbrüchen und zu guter letzt in Chrome ein sehr mehrkwürdiger Reiter. Hab ich noch für Überlastetes WLan bzw. INet gehalten. Im Browsergame DieSiedler tauchte ausserdem ein Fenster auf, das nur mit OK. zu bestätigen war: guiicon_lib/deposit_corn.png. Habe statt dessen den Browser FF geschlossen. In Chrome sind oben rechts das Minus zum minimieren, das Quadrat für Vollbild und das Kreuz zum Beenden. Links neben diesem Minus nun ein graues Feld mit meinem Chrome Anmeldenamen sowie einem gelben Dreieck mit Ausrufezeichen. Angeklickt und es wollten sich nacheinander 3 neue Erweiterungen installieren. Ausserdem war dort auch die Rede von einem AmazonAddon. Solch eines habe ich nicht installiert und will es auch nicht. Unter Einstellung teilt Chrome nun mit: "Die Anmeldeinformationen für dieses Konto sind veraltet. Erneut anmelden." (Noch) nicht gemacht. Ein FlashUpdate habe ich zweimal machen müssen. Kann nicht sagen warum und ob das zu Merkwürdigkeiten geführt hat. Ich traue meinem Router nicht mehr und würde den gerne zurücksetzen. Bitte Ansagen, wann der richtige Zeitpunkt gekommen ist. defogger: erledigt Gmer führt zum einfrieren des PC. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01 durchgeführt von ***** (Administrator) auf *****(22-10-2015 20:42:54) Gestartet von C:\Users\*****\Downloads Geladene Profile: ***** (Verfügbare Profile: ***** & .NET v4.5 & .NET v4.5 Classic) Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (DEVGURU Co., LTD.) D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Malwarebytes) D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\wuapihost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Microsoft Corporation) C:\Users\*****\AppData\Local\Snip\Snip.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36711472 2015-10-13] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [WEB.DE Application {sync-000021}] => C:\Users\*****\AppData\Local\WEB.DE Application {sync-000021}\webde_onlinespeicher.exe [781312 2015-02-18] (1&1 Mail & Media GmbH) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-21] (Sandboxie Holdings, LLC) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Run: [Snip] => C:\Users\*****\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation) HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Policies\Explorer: [NoSecurityTab] 0 ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_1_20150212142954828.dll [2014-11-27] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-10-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-06] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-10-06] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-03-27] Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-09-10] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{1f429b3c-0def-4794-9fcd-1bd8383e754d}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{f4f984b3-14b6-4096-bca6-c6781cd9c88e}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-10] (Oracle Corporation) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-10] (Oracle Corporation) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-06] (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - d:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-06] (LastPass) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798 FF Homepage: hxxp://www.diesiedleronline.de/de/spielen FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-21] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Plugin: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-06] (LastPass) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.1.2 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-21] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-10] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-10] (Oracle Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> d:\Program Files (x86)\LastPass\nplastpass.dll [2014-10-06] (LastPass) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin HKU\S-1-5-21-1888364831-2858631773-2981139133-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.) FF Extension: LastPass - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\support@lastpass.com [2015-09-26] FF Extension: Video AdBlock for Firefox - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-09-14] [ist nicht signiert] FF Extension: WOT - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-09] FF Extension: ProxMate - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2015-06-01] FF Extension: uBlock Origin - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\uBlock0@raymondhill.net.xpi [2015-10-21] FF Extension: NoScript - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-13] FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF Extension: BetterPrivacy - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\xj48727q.default-1427810809798\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-06-01] FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.spiegel.de/","hxxp://forum.ubuntuusers.de/topic/kann-keine-programme-per-software-center-downl/","hxxp://www.happypainting.de/","hxxp://www.pentaxians.de/","hxxp://www.web.de/","hxxp://www.t-online.de/","hxxp://www.trojaner-board.de/166488-re-infekt-malaha-net-diverse-beobachtungen.html" CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (NoScript Suite Lite) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahnanjpbkghcdgmlchbcfoiefnifjeni [2015-06-20] CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (TV) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-05-02] CHR Extension: (ColorZilla) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2015-09-05] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-08-05] CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Meine IP-Adresse) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfphbgnmmhjfalloifioeeeokjemobf [2015-05-02] CHR Extension: (Adblock Plus) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-22] CHR Extension: (TrafficLight) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2015-05-02] CHR Extension: (Adblock für Youtube™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-10-15] CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-02] CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-05-02] CHR Extension: (Best Utility Apps) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfkmehkjocihlfmcjkmdiekloihfaog [2015-05-02] CHR Extension: (VTchromizer) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2015-09-14] CHR Extension: (Facebook Disconnect) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-05-02] CHR Extension: (Google Text & Tabellen Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03] CHR Extension: (AdBlock) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-13] CHR Extension: („Pin it“-Button) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-10-04] CHR Extension: (LastPass: Free Password Manager) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-09-03] CHR Extension: (PDF Mergy) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2015-05-02] CHR Extension: (Subscriptions for YouTube™) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcngljpkdlakkbhmbfhjabcblbcldbl [2015-05-02] CHR Extension: (Proxmate) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2015-10-21] CHR Extension: (Dropbox) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-07-01] CHR Extension: (Interstellar) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kackgkhdbldcojljaeoaghlhfbbldkil [2015-05-02] CHR Extension: (Google Maps) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18] CHR Extension: (Chrono Download Manager) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2015-09-30] CHR Extension: (Ghostery) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-09-19] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24] CHR Extension: (Hover Zoom) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-09-28] CHR Extension: (AdBlock Pro) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-10-08] CHR Extension: (QVIVO) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohdmoikcfdlgffkebhcojlghnccgngbg [2015-05-02] CHR Extension: (Meine IP-Adresse) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2015-05-02] CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-02] CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Präsentationen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-22] CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-22] CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22] CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-22] CHR Extension: (Google Tabellen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-22] CHR Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-22] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-22] CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-22] CHR HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fknfdieimobmimhdkfkheeejenmdjhoe] - C:\Program Files (x86)\pandasecuritytb\chrome-newtab-search.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\*****\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-15] Opera: ======= OPR Extension: (Ghostery) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-10-15] OPR Extension: (NoFlash) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfkmglogfkpfekddlalobmhdbkjneejb [2015-08-03] OPR Extension: (AdBlock for YouTube™) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2015-08-03] OPR Extension: (Avira Browserschutz) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2015-09-08] OPR Extension: (WOT) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-08-03] OPR Extension: (Cookie Jar) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\gapogllmojifhogcdfmommbeafllndoa [2015-08-03] OPR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\hmffjpdmbgflojiohllanjaggdenggdo [2015-08-03] OPR Extension: (NoScript Lite) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipiopppcaojnchgoepoemlbdccogeije [2015-08-03] OPR Extension: (Flash Player for YouTube™) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\knbfimhapmnifdchcafinkbfikmomaak [2015-09-10] OPR Extension: (History Eraser) - C:\Users\*****\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm [2015-08-03] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.) R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [218768 2015-06-24] (DTS) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation) R2 MBAMScheduler; d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Datei ist nicht signiert] R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-21] (Sandboxie Holdings, LLC) R2 ss_conn_service; D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [241400 2015-10-12] (RaMMicHaeL) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-09] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-09] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) S3 AmUHubftr; C:\Windows\System32\drivers\AmUHubftr.sys [25880 2013-12-20] (Alcor Micro, Corp.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices) S3 Bulk1528; C:\Windows\System32\Drivers\Bulk1528.sys [17792 2009-10-20] (SunPlus) S2 Ca1528av; C:\Windows\System32\Drivers\Ca1528av.sys [533760 2008-12-17] (Digital Camera) R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] () R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows (R) Codename Longhorn DDK provider) S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-08-27] (Microsoft Corporation) R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-22] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) S3 MEMSWEEP2; C:\WINDOWS\system32\15E3.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert] R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2204304 2015-07-10] (MediaTek Inc.) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [191624 2015-09-21] (Sandboxie Holdings, LLC) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-05-19] () S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-05-19] () S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700296 2014-05-19] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-22 20:42 - 2015-10-22 20:42 - 00016148 _____ C:\WINDOWS\system32\OPQIWUER_*****_HistoryPrediction.bin 2015-10-22 20:40 - 2015-10-22 20:42 - 00039826 _____ C:\Users\*****\Downloads\FRST.txt 2015-10-22 20:40 - 2015-10-22 20:40 - 00380416 _____ C:\Users\*****\Downloads\bzei1ksf.exe 2015-10-22 20:40 - 2015-10-22 20:40 - 00022357 _____ C:\Users\*****\Downloads\Addition.txt 2015-10-22 20:39 - 2015-10-22 20:42 - 00000000 ____D C:\FRST 2015-10-22 20:39 - 2015-10-22 20:39 - 02196480 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe 2015-10-22 20:39 - 2015-10-22 20:39 - 00000468 _____ C:\Users\*****\Downloads\defogger_disable.log 2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _____ C:\Users\*****\defogger_reenable 2015-10-22 20:38 - 2015-10-22 20:38 - 00050477 _____ C:\Users\*****\Downloads\Defogger.exe 2015-10-22 15:35 - 2015-10-22 15:35 - 00002424 _____ C:\Users\*****\Desktop\***** Grünert - Chrome.lnk 2015-10-21 16:32 - 2015-10-21 16:32 - 00001093 _____ C:\Users\Public\Desktop\WISO Mein Geld 365 Belegschnellerfassung.lnk 2015-10-21 16:32 - 2015-10-21 16:32 - 00000955 _____ C:\Users\Public\Desktop\WISO Mein Geld 365 starten.lnk 2015-10-21 16:32 - 2015-10-21 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Mein Geld 365 2015-10-21 16:32 - 2015-10-21 16:32 - 00000000 ____D C:\Program Files (x86)\StickRoot 2015-10-21 16:17 - 2015-10-21 16:31 - 88173384 _____ (Buhl Data Service GmbH) C:\Users\*****\Downloads\WISOFinanz365 (1).exe 2015-10-21 16:16 - 2015-10-21 16:21 - 88173384 _____ (Buhl Data Service GmbH) C:\Users\*****\Downloads\WISOFinanz365.exe 2015-10-21 15:44 - 2015-10-21 15:44 - 00000408 _____ C:\MyUpdateLogs.log 2015-10-21 15:33 - 2015-10-21 15:33 - 00000000 ____D C:\Users\*****\Documents\Turbo Lister 2015-10-21 15:02 - 2015-10-21 15:38 - 00000000 ____D C:\Users\*****\Documents\Turbo Lister Backup 2015-10-20 12:49 - 2015-10-20 12:53 - 00000000 ____D C:\Users\*****\Documents\StarCraft II Beta 2015-10-20 12:35 - 2015-10-20 12:35 - 00000849 _____ C:\Users\Public\Desktop\StarCraft II - Legacy of the Void Beta.lnk 2015-10-20 12:35 - 2015-10-20 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II - Legacy of the Void Beta 2015-10-20 12:17 - 2015-10-20 12:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snip 2015-10-20 12:17 - 2015-10-20 12:17 - 00000000 ____D C:\Users\*****\AppData\Local\Snip 2015-10-19 13:22 - 2015-10-19 13:22 - 00000240 _____ C:\WINDOWS\SysWOW64\defogger_enable.log 2015-10-18 09:16 - 2015-10-18 09:16 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk 2015-10-18 09:16 - 2015-10-18 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0 2015-10-17 18:20 - 2015-10-17 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-16 18:12 - 2015-10-16 18:12 - 00000000 ____D C:\Users\*****\AppData\Local\AMD 2015-10-16 16:33 - 2015-10-16 17:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-15 18:57 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\is-50IRB.tmp 2015-10-13 20:12 - 2015-10-13 20:12 - 00000000 ____D C:\WINDOWS\PCHEALTH 2015-10-13 19:59 - 2015-10-10 09:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-10-13 19:59 - 2015-10-10 08:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-10-13 19:59 - 2015-10-10 08:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-10-13 19:59 - 2015-10-06 05:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-10-13 19:59 - 2015-10-06 04:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-10-13 19:59 - 2015-10-01 06:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-10-13 19:59 - 2015-10-01 06:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-10-13 19:59 - 2015-10-01 06:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-10-13 19:59 - 2015-10-01 06:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-10-13 19:59 - 2015-10-01 06:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-10-13 19:59 - 2015-10-01 05:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-10-13 19:59 - 2015-09-25 06:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-10-13 19:59 - 2015-09-25 06:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-10-13 19:59 - 2015-09-25 05:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-10-13 19:59 - 2015-09-25 05:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2015-10-13 19:59 - 2015-09-25 05:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-10-13 19:59 - 2015-09-25 05:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-10-13 19:59 - 2015-09-25 05:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-10-13 19:59 - 2015-09-25 05:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2015-10-13 19:59 - 2015-09-25 05:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2015-10-13 19:59 - 2015-09-25 05:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-10-13 19:59 - 2015-09-25 05:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-10-13 19:59 - 2015-09-25 05:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-10-13 19:59 - 2015-09-25 05:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-10-13 19:59 - 2015-09-25 05:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2015-10-13 19:59 - 2015-09-25 05:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2015-10-13 19:59 - 2015-09-25 05:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-10-13 19:59 - 2015-09-25 05:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-10-13 19:59 - 2015-09-25 05:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-10-13 19:59 - 2015-09-25 05:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2015-10-13 19:59 - 2015-09-25 05:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-10-13 19:59 - 2015-09-25 05:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-10-13 19:59 - 2015-09-25 05:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-10-13 19:59 - 2015-09-25 05:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2015-10-13 19:59 - 2015-09-25 05:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-10-13 19:59 - 2015-09-25 05:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2015-10-13 19:59 - 2015-09-25 05:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2015-10-13 19:59 - 2015-09-25 04:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-10-13 19:59 - 2015-09-25 04:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-10-13 19:59 - 2015-09-25 04:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2015-10-13 19:59 - 2015-09-25 04:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2015-10-13 19:59 - 2015-09-25 04:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2015-10-13 19:59 - 2015-09-25 04:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2015-10-13 19:59 - 2015-09-25 04:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2015-10-13 19:59 - 2015-09-25 04:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-10-13 19:59 - 2015-09-25 04:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-10-13 19:59 - 2015-09-25 04:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2015-10-13 19:59 - 2015-09-25 04:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2015-10-13 19:59 - 2015-09-25 04:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-10-13 19:59 - 2015-09-25 04:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-10-13 19:59 - 2015-09-25 04:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2015-10-13 19:59 - 2015-09-25 04:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-10-13 19:59 - 2015-09-25 04:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-10-13 19:59 - 2015-09-25 04:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2015-10-13 19:59 - 2015-09-25 04:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2015-10-13 19:59 - 2015-09-25 04:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-10-13 19:59 - 2015-09-25 04:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-10-13 19:59 - 2015-09-25 04:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-10-13 19:59 - 2015-09-25 04:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2015-10-13 19:59 - 2015-09-25 04:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2015-10-13 19:59 - 2015-09-25 04:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2015-10-13 19:59 - 2015-09-25 04:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2015-10-13 19:59 - 2015-09-25 04:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2015-10-13 19:59 - 2015-09-25 04:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-10-13 19:59 - 2015-09-25 04:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2015-10-11 12:06 - 2015-10-11 12:06 - 00001884 _____ C:\Users\*****\Desktop\blue-screen....txt 2015-10-11 11:48 - 2015-10-11 11:48 - 00281832 _____ C:\WINDOWS\Minidump\101115-11046-01.dmp 2015-10-09 20:11 - 2015-10-11 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-10-08 17:55 - 2015-10-18 09:13 - 00000000 ____D C:\Users\*****\Documents\W.I.R 2015-10-08 14:49 - 2015-10-20 23:47 - 00001202 _____ C:\Users\*****\Desktop\Sandboxed Web Browser.lnk 2015-10-08 14:49 - 2015-10-08 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie 2015-10-07 16:54 - 2015-10-07 16:54 - 00062133 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510071654173760.log 2015-10-07 16:54 - 2015-10-07 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-10-07 16:53 - 2015-10-07 16:53 - 00000000 ____D C:\Program Files\ATI Technologies 2015-10-07 16:53 - 2015-10-07 16:53 - 00000000 ____D C:\Program Files (x86)\ATI Technologies 2015-10-07 16:52 - 2015-10-07 16:52 - 00061253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510071652594297.log 2015-10-07 16:51 - 2015-10-21 14:34 - 00000797 _____ C:\WINDOWS\setupact.log 2015-10-07 16:51 - 2015-10-07 16:51 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 39721456 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 30776304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 08982440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 08864928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2015-10-07 16:51 - 2015-10-07 16:51 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2015-10-07 16:51 - 2015-10-07 16:51 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat 2015-10-07 16:51 - 2015-10-07 16:51 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00662392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2015-10-07 16:51 - 2015-10-07 16:51 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb 2015-10-07 16:51 - 2015-10-07 16:51 - 00631280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat 2015-10-07 16:51 - 2015-10-07 16:51 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat 2015-10-07 16:51 - 2015-10-07 16:51 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat 2015-10-07 16:51 - 2015-10-07 16:51 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe 2015-10-07 16:51 - 2015-10-07 16:51 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2015-10-07 16:51 - 2015-10-07 16:51 - 00000000 _____ C:\WINDOWS\setuperr.log 2015-10-05 19:26 - 2015-10-05 19:26 - 00000000 ____D C:\Program Files (x86)\ESET 2015-10-04 11:23 - 2015-10-18 17:22 - 00003568 _____ C:\WINDOWS\PFRO.log 2015-09-30 21:56 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll 2015-09-30 21:56 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-09-30 21:56 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2015-09-30 21:56 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2015-09-30 21:56 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2015-09-30 21:56 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2015-09-30 21:56 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2015-09-30 21:56 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys 2015-09-30 21:56 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2015-09-30 21:56 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2015-09-30 21:56 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2015-09-30 21:56 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-09-30 21:56 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2015-09-30 21:56 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2015-09-30 21:56 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2015-09-30 21:56 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2015-09-30 21:56 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2015-09-30 21:56 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2015-09-30 21:56 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-09-30 21:56 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-09-30 21:56 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2015-09-30 21:56 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-09-30 21:56 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2015-09-30 21:56 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-09-30 21:56 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2015-09-30 21:56 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-09-30 21:56 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2015-09-30 21:56 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2015-09-30 21:56 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-09-30 21:56 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2015-09-30 21:56 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-09-30 21:56 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll 2015-09-30 21:56 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2015-09-30 21:56 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2015-09-30 21:56 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2015-09-30 21:56 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2015-09-30 21:56 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2015-09-30 21:56 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2015-09-30 21:56 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-09-30 21:56 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2015-09-30 21:56 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-09-30 21:56 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2015-09-30 21:56 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2015-09-30 21:56 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-09-30 21:56 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2015-09-30 21:56 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-09-30 21:56 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll 2015-09-30 21:56 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe 2015-09-30 21:56 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2015-09-30 21:56 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-09-30 21:56 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-09-30 21:56 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-09-30 21:56 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2015-09-30 21:56 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-09-30 21:56 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2015-09-30 21:56 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2015-09-30 21:56 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2015-09-30 21:56 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2015-09-30 21:56 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2015-09-30 21:56 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2015-09-30 21:56 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2015-09-30 21:56 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2015-09-30 21:56 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-09-30 21:56 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-09-30 21:56 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-09-30 21:56 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll 2015-09-30 21:56 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2015-09-30 21:56 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2015-09-30 21:56 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2015-09-30 21:56 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2015-09-30 21:56 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2015-09-30 21:56 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-09-30 21:56 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll 2015-09-30 21:56 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2015-09-30 21:56 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll 2015-09-30 21:56 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-09-30 21:56 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-09-30 21:56 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-09-30 21:56 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-09-30 21:56 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2015-09-30 21:56 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-09-30 21:56 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-09-30 21:56 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2015-09-30 21:56 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2015-09-30 21:56 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll 2015-09-30 21:56 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys 2015-09-30 21:56 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll 2015-09-30 21:56 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll 2015-09-30 21:56 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2015-09-30 21:56 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2015-09-30 21:56 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2015-09-30 21:56 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2015-09-30 21:56 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2015-09-30 21:56 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-09-30 21:56 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2015-09-30 21:56 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2015-09-30 21:56 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2015-09-30 21:56 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2015-09-30 21:56 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll 2015-09-30 21:56 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2015-09-30 21:56 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2015-09-30 21:56 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-09-30 21:56 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-09-30 21:56 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-09-30 21:56 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2015-09-30 21:56 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-09-30 21:56 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-09-30 21:56 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2015-09-30 21:56 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-09-30 21:56 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2015-09-30 21:56 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-09-30 21:56 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll 2015-09-30 21:56 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-09-30 21:56 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-09-30 21:56 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-09-30 21:56 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2015-09-30 21:56 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2015-09-30 21:56 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2015-09-30 21:56 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2015-09-30 21:56 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2015-09-30 21:56 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2015-09-30 21:56 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2015-09-30 21:56 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-09-30 21:56 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2015-09-30 21:56 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2015-09-30 21:56 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-09-30 21:56 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2015-09-30 21:56 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2015-09-30 21:56 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2015-09-30 21:56 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-09-30 21:56 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-09-30 21:55 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-09-30 21:55 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2015-09-30 21:55 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-09-30 21:55 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll 2015-09-30 21:55 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll 2015-09-30 21:55 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-22 20:42 - 2015-09-19 13:11 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-10-22 20:42 - 2015-08-30 11:34 - 00479134 _____ C:\Users\*****\AppData\Local\Snip.txt 2015-10-22 20:42 - 2015-06-13 15:47 - 00000000 ___RD C:\Users\*****\Dropbox 2015-10-22 20:42 - 2015-06-13 15:45 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2015-10-22 20:42 - 2015-06-13 15:45 - 00000000 ____D C:\Users\*****\AppData\Local\Dropbox 2015-10-22 20:42 - 2015-05-02 11:27 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-22 20:42 - 2015-03-24 18:45 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-10-22 20:41 - 2015-07-30 21:05 - 00000000 ____D C:\Users\***** 2015-10-22 20:41 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-22 20:40 - 2014-03-16 13:40 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job 2015-10-22 20:35 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-10-22 20:25 - 2014-10-26 16:05 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{687F2EEC-A316-484A-B958-97FEC835D3B2} 2015-10-22 20:23 - 2015-09-14 13:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-10-22 19:55 - 2015-06-13 15:45 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2015-10-22 19:53 - 2015-05-02 11:27 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-22 18:40 - 2014-03-16 13:40 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job 2015-10-22 18:37 - 2014-01-20 23:03 - 00000000 ____D C:\Users\*****\AppData\LocalLow\LastPass 2015-10-22 18:11 - 2015-05-23 17:16 - 00003412 _____ C:\WINDOWS\Sandboxie.ini 2015-10-22 15:35 - 2015-05-28 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-10-22 13:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-10-22 00:34 - 2014-04-04 17:44 - 00000000 ____D C:\Users\*****\AppData\Local\Battle.net 2015-10-21 21:54 - 2015-07-30 19:11 - 00000000 ____D C:\Users\*****\Documents\WISO Mein Geld 2015-10-21 21:52 - 2015-09-18 18:37 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-10-21 19:11 - 2014-05-07 19:37 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc 2015-10-21 16:50 - 2014-11-06 16:41 - 00000325 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2015-10-21 16:50 - 2014-11-06 16:32 - 00000000 ____D C:\Users\*****\AppData\Local\Buhl Data Service GmbH 2015-10-21 16:48 - 2015-08-30 11:34 - 00000000 ____D C:\Users\*****\Documents\My Snips 2015-10-21 16:32 - 2014-03-22 16:29 - 00000000 ____D C:\Users\*****\AppData\Roaming\Buhl Data Service GmbH 2015-10-21 16:32 - 2014-03-19 20:06 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH 2015-10-21 16:21 - 2014-10-17 21:33 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe 2015-10-21 14:35 - 2015-07-30 21:13 - 01899178 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-10-21 14:35 - 2015-07-10 18:34 - 00801936 _____ C:\WINDOWS\system32\perfh007.dat 2015-10-21 14:35 - 2015-07-10 18:34 - 00164536 _____ C:\WINDOWS\system32\perfc007.dat 2015-10-20 15:03 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-20 12:56 - 2014-01-20 22:56 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype 2015-10-20 12:49 - 2014-04-04 16:10 - 00000000 ____D C:\ProgramData\Blizzard Entertainment 2015-10-20 12:17 - 2015-08-30 11:34 - 00000000 ____D C:\Users\*****\AppData\Local\Package Cache 2015-10-19 14:13 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-10-19 13:24 - 2015-09-18 19:11 - 00003638 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2015-10-19 13:24 - 2015-03-27 21:20 - 00001504 _____ C:\DelFix.txt 2015-10-18 22:45 - 2015-09-17 19:58 - 00001276 _____ C:\Users\*****\Desktop\CoreTemp.ini 2015-10-18 17:22 - 2015-07-10 14:20 - 00454064 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-10-18 09:16 - 2015-09-06 21:08 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5 2015-10-18 08:12 - 2015-07-31 23:06 - 00000146 _____ C:\Users\*****\Desktop\Sound - Verknüpfung.lnk 2015-10-17 23:55 - 2015-09-14 13:22 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-10-17 18:20 - 2015-06-13 15:45 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-10-17 16:23 - 2015-07-30 19:10 - 00000000 ____D C:\Users\*****\Documents\StarCraft II 2015-10-17 15:23 - 2015-09-14 13:22 - 00004086 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2015-10-17 13:54 - 2015-05-02 11:27 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-10-17 13:42 - 2014-07-02 17:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-16 05:10 - 2015-07-10 13:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-10-16 05:10 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-15 18:59 - 2014-08-13 18:27 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-10-15 18:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-10-15 18:58 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-10-15 18:57 - 2015-05-23 11:05 - 00000825 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-10-15 18:57 - 2015-03-24 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-13 20:13 - 2014-05-10 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-10-13 20:11 - 2013-08-22 15:25 - 00000203 _____ C:\WINDOWS\win.ini 2015-10-13 20:10 - 2014-01-20 22:10 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-10-13 20:06 - 2014-01-20 22:10 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-10-12 20:05 - 2014-01-20 21:44 - 00000000 ____D C:\WINDOWS\CSC 2015-10-12 19:10 - 2013-08-22 15:25 - 00002053 _____ C:\WINDOWS\system32\Drivers\etc\hosts_bak_590 2015-10-11 11:48 - 2015-08-01 12:44 - 00000000 ____D C:\WINDOWS\Minidump 2015-10-08 14:49 - 2015-05-17 13:48 - 00000000 ____D C:\Program Files\Sandboxie 2015-10-07 16:53 - 2015-07-30 21:04 - 00000000 ____D C:\ProgramData\Package Cache 2015-10-07 16:52 - 2012-07-26 09:25 - 00000000 ____D C:\AMD 2015-10-07 16:51 - 2015-07-16 02:12 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 12088008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2015-10-07 16:51 - 2015-07-16 02:11 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll 2015-10-07 16:51 - 2015-07-16 02:06 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2015-10-07 16:51 - 2015-07-16 01:13 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2015-10-07 16:51 - 2015-07-16 01:12 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll 2015-10-05 09:50 - 2015-03-24 18:45 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-10-05 09:50 - 2015-03-24 18:45 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-10-04 17:18 - 2015-09-13 22:01 - 00000000 ____D C:\Users\*****\AppData\Roaming\MPC-HC 2015-10-04 17:14 - 2015-03-12 15:20 - 00000000 ____D C:\Users\*****\AppData\Roaming\dvdcss 2015-10-04 14:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-10-04 11:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-10-04 11:23 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas 2015-10-01 18:59 - 2015-09-01 17:36 - 00003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438604478 2015-10-01 18:59 - 2015-08-03 14:21 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-10-01 18:59 - 2015-04-30 19:34 - 00000000 ____D C:\Program Files (x86)\Opera ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-01-20 23:03 - 2014-10-06 18:29 - 13024768 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe 2015-07-30 19:04 - 2015-07-30 19:05 - 0000467 _____ () C:\Users\*****\AppData\Roaming\burnaware.ini 2015-07-30 22:44 - 2015-07-30 22:44 - 0000078 _____ () C:\Users\*****\AppData\Roaming\mainhst.zgh 2014-10-04 14:43 - 2014-10-04 14:43 - 0001285 _____ () C:\Users\*****\AppData\Local\recently-used.xbel 2015-05-01 21:58 - 2015-05-01 21:58 - 0007595 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg 2015-08-30 11:34 - 2015-10-22 20:42 - 0479134 _____ () C:\Users\*****\AppData\Local\Snip.txt 2015-02-14 11:57 - 2015-02-14 11:57 - 0000057 _____ () C:\ProgramData\Ament.ini 2015-07-30 21:04 - 2015-07-30 21:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-11-06 16:41 - 2015-10-21 16:50 - 0000325 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\*****\fbchathistory.dat Einige Dateien in TEMP: ==================== C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbkg9ci.dll C:\Users\*****\AppData\Local\Temp\unrar.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-13 18:53 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
durchgeführt von ***** (2015-10-22 20:40:47)
Gestartet von C:\Users\*****\Downloads
Windows 10 Pro (X64) (2015-07-30 19:13:22)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1888364831-2858631773-2981139133-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1888364831-2858631773-2981139133-503 - Limited - Disabled)
Gast (S-1-5-21-1888364831-2858631773-2981139133-501 - Limited - Disabled)
***** (S-1-5-21-1888364831-2858631773-2981139133-1001 - Administrator - Enabled) => C:\Users\*****
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
„Der Herr der Ringe Online™“ v1301.0055.0535.4025 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 1301.0055.0535.4025 - Turbine, Inc.)
7-Zip 9.20 (HKLM-x32\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.36 beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
Alcor Micro Generic Hub Filter Driver (HKLM-x32\...\AmUHubftr) (Version: 2.0.11.0 - Alcor Micro Corp.)
Alcor Micro Generic Hub Filter Driver (x32 Version: 2.0.11.0 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (x32 Version: 20.26.3317.04170 - Alcor Micro Corp.) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BurnAware Free 8.3 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Double Action: Boogaloo (HKLM-x32\...\Steam App 317360) (Version: - Double Action Factory)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
DxO Optics Pro 7 (HKLM\...\{64579E10-6249-4BB1-B1D1-8EF55042DB45}) (Version: 7.5.5 - DxO Labs)
Elite Dangerous Launcher version 0.4.2854.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.2854.0 - Frontier Developments)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
FileZilla Client 3.13.1 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\FileZilla Client) (Version: 3.13.1 - Tim Kosse)
Free MP4 Video Converter version 5.0.63.913 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.63.913 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{5C519C69-AC39-40D0-9FF3-1F3FEE4640B2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Hilfe (HKLM-x32\...\{6767CCD2-B939-4542-BF08-015B5496D4EC}) (Version: 30.0.0 - Hewlett Packard)
HP Photosmart Plus B210 series - Grundlegende Software für das Gerät (HKLM\...\{1686185A-3D85-428D-8786-ACB403B9D420}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Plus B210 series Hilfe (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Mega Codec Pack 11.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation)
LOTRO Plugin Compendium (HKLM-x32\...\{3BF7818D-2482-4676-A237-915A11A97847}) (Version: 1.0.3 - Lunarwater)
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.1 - Tracker Software Products Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.336 - Qualcomm Atheros Communications)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.35.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.37.1119.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 5.04 (64-bit) (HKLM\...\Sandboxie) (Version: 5.04 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Ski Challenge 15 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\sc15-GAMETWIST_MAIN) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Snip (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation)
Snip (x32 Version: 0.1.5119.0 - Microsoft) Hidden
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.4.0 - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
StarCraft II - Legacy of the Void Beta (HKLM-x32\...\StarCraft II - Legacy of the Void Beta) (Version: - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Studie zur Verbesserung von HP ENVY 4500 series (HKLM\...\{3590B83E-FCEB-43E2-9F3D-2917825547D0}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Unchecky v0.4 (HKLM-x32\...\Unchecky) (Version: 0.4 - RaMMicHaeL)
Unity Web Player (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WEB.DE Club SmartFax (HKLM-x32\...\WEB.DE Club SmartFax) (Version: 2.00.235 - 1&1 Mail & Media GmbH)
WEB.DE Online-Speicher 1.11.4174.0 (HKU\S-1-5-21-1888364831-2858631773-2981139133-1001\...\WEB.DE Application {sync-000021}) (Version: 1.11.4174.0 - 1&1 Mail & Media GmbH)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WISO Mein Geld 365 Professional (HKLM-x32\...\WISO Mein Geld 365 Professional) (Version: - Buhl Data Service GmbH)
WISO Mein Geld 365 Professional (x32 Version: 21.0.0.0 - Buhl Data Service GmbH) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1888364831-2858631773-2981139133-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
==================== Wiederherstellungspunkte =========================
19-10-2015 13:24:14 Ende der Bereinigung
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2015-10-19 13:09 - 00002053 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
Da befinden sich 10 zusätzliche Einträge.
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {011B42D3-DFDF-4C79-BC17-EF6717F44986} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {13896B67-0FCD-42C2-A928-DC02BAFFFCAD} - System32\Tasks\{6644215F-D573-4448-B8E2-12B972183707} => pcalua.exe -a "C:\Program Files (x86)\pandasecuritytb\uninstall.exe"
Task: {187B46F7-A8B8-4F63-94EF-393FD2B00E9E} - System32\Tasks\{70F927D6-EBE1-457D-A298-444941E8E902} => pcalua.exe -a "C:\Users\*****\Desktop\Galaxy S3 - Mini\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" -d "C:\Users\*****\Desktop\Galaxy S3 - Mini"
Task: {19123DE3-4CE2-47EB-951C-000B9086A899} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {1D2E8BE4-15AF-45C9-B1BB-8AE269980BD5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {20CEB925-62C3-4BE2-AC72-232D8EEEC4C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.)
Task: {262C2D0D-990C-4A39-8A1A-7FCECDA34A8D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {2ECDE3D1-17B5-4C78-83A3-961EBC1858CD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {2F19BF84-ECD9-489B-B717-18E7D00AD177} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL e:\e67415113b809610ca462725cd5d34\ipoint\Setup64\Files\1031\Deu.rtf
Task: {30F520F0-ECDE-4773-8DF4-791D3E820289} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {3AF644C2-3E4D-4A96-8523-77213AB94E38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {53F8794E-726C-4A97-9BB8-347ECDC5CB94} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {5A73AB7F-ABDA-4DEA-ACE4-066E9E744A0C} - System32\Tasks\{A8A0A7FB-B363-4CBD-91B8-947FA6EA8EAA} => pcalua.exe -a C:\Users\*****\Downloads\k30v106.EXE -d C:\Users\*****\Downloads
Task: {5B46D580-7A03-4856-88F2-8E578DABC387} - System32\Tasks\Opera scheduled Autoupdate 1438604478 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {7D3F2A3A-91AF-4E5C-8D4A-956ECC22B4BC} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation)
Task: {9ABF69B7-6E21-4FBE-A448-CFD73E6FC963} - System32\Tasks\{B4166901-0BCE-4DB5-9228-DF2E0E6A54F0} => pcalua.exe -a E:\TYPO3_4.7.7\typo3start.exe -d e:\TYPO3_4.7.7
Task: {AADE5BB0-9229-466A-87CF-F451459353E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.)
Task: {DEB7CFFF-C665-4D19-A9F9-16AFEB868E86} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-13] (Microsoft Corporation)
Task: {E18984A1-5A1E-490A-A44F-ABD5DCC69332} - System32\Tasks\{70F4BB8E-DF69-4214-A82D-13742A7694BD} => pcalua.exe -a E:\typo3-winstall-6.0.0rc2\typo3start.exe -d E:\typo3-winstall-6.0.0rc2
Task: {E50A83C6-22D9-46C6-8EDE-F7B65D25B88E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-21] (Adobe Systems Incorporated)
Task: {E52C04F3-0641-4907-8F29-A02D3A7352F6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {F6FDE532-F25A-40C7-AAAF-B33AF91282B9} - System32\Tasks\{2B43B2A3-A783-4ECE-BEF2-BEE44272E399} => pcalua.exe -a "C:\Users\*****\Desktop\Galaxy3 Mini - Android Update\SAMSUNG_USB_Driver (1)\SAMSUNG_USB_Driver_for_Mobile_Phones.exe" -d "C:\Users\*****\Desktop\Galaxy3 Mini - Android Update\SAMSUNG_USB_Driver (1)"
Task: {FE45DD55-A6EC-4F57-9056-FF15EECC96A7} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-24] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1888364831-2858631773-2981139133-1001UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Mban von heute: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 22.10.2015 Suchlaufzeit: 15:53 Protokolldatei: mbam.von.heute.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.10.22.03 Rootkit-Datenbank: v2015.10.16.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Aktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: ***** Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 438138 Abgelaufene Zeit: 4 Min., 23 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Deaktiviert Rootkits: Deaktiviert Heuristik: Deaktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Gruß verrant Bitte um Unterstützung. beste Grüße verrant |
| Themen zu Fehlklick bei ww1.virus-total. de ee |
| avira, defender, desktop, dnsapi.dll, ebay, einfrieren, einstellung, exe, flash player, geld, google, google analytics, helper, homepage, install.exe, mozilla, netstat, prozesse, realtek, rundll, scan, services.exe, software, system, ublock, ublock origin, usb, warum, windows, windows 10 pro, wiso, wlan |
Baum-Darstellung