| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7: Avira meldet MalewareWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
| |
05.11.2015, 23:00
| #1 |
 |  Windows 7: Avira meldet Maleware Kann mir jemand helfen? Exportierte Ereignisse: 05.11.2015 22:47 [Browser-Schutz] Malware gefunden Beim Zugriff auf Daten der URL "hxxp://ams1.ib.adnxs.com/ab?e=wqT_3QL1BPBCbAIAAAIA1gAFCPec77EFELjexZ-k6bjkJxiNm bXv7uaFkDIgASotCZkaIFMZDAdAEd9K-4kWgwRAGbgehetRuB9AIRESBCmZDSSoMOe4sAI4_QpAzBFIA lC-pqMHWPPiKWAAaP20A3jH-gOAAQGKAQNVU0SSAQEG8G-YAawCoAH6AagBAbABALgBAcABBcgBANABA NgBAOABAPABAIoCV3VmKCdhJywgMjQ4Mzg3LCAxNDQ2NzYwMDU1KTt1ZignYycsIDQwMjE3ODQsIDE0N DY3NjAwNTUpO3VmKCdyJywgMTUyNTg0MzAsMjsA8NSSAsUBIUdDMVJsd2lZdlBVQkVMNm1vd2NZQUNEe jRpa3dBRGdBUUFCSXpCRlE1N2l3QWxnQVlMMERhQUJ3Q0hpSUFZQUJFSWdCaUFHUUFRR1lBUUdnQVFHb 0FRT3dBUUM1QVlVYVhWZXVOQVZBd1FHWkdpQlRHUXdIUU1rQnNYalJ5VDFHN0RfWkFWT1dJWTUxY2UwX zRBRUE2Z0VITVRjek1EQTRPZlVCQUFBQUFJQUNBWWdDcWN4cGtBSUJtQUtLaHJTQUJBLi6aAh0hcHdZS 1BRaVkuyADwkzgtSXBJQUEusgISNDIxNjgxNDM1NzgyMTYzMjE12ALVA-AC2MYG6gIuaHR0cDovL3d3d y5rc3RhLmRlL2hvbWUvMTUxODk1MTYsMTUxODk1MTYuaHRtbIADAYgDAZADAJgDEKADAaoDALADALgDA MADrALIAwDYA8OiMeADAOgDAPADAPgDA4AEAJIEBC9hc2mYBAA.&s=aea62b71519d6b5dda00213ddc d261ca17b391e4&referrer=http%3A%2F%2Fwww.ksta.de%2Fhome%2F15189516%2C15189516.ht ml&pp=1.08" wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' [virus] gefunden. Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert 05.11.2015 21:38 [Browser-Schutz] Malware gefunden Beim Zugriff auf Daten der URL "hxxp://ams1.ib.adnxs.com/ab?e=wqT_3QKDBfBCegIAAAIA1gAFCOP87rEFEPzj_P-N2cPZJhiNm bXv7uaFkDIgASotCVpwY3dRngRAEaxraga0WQJAGQAAAAAAABxAIRESBClaDSSoMI24sAI4_QpAzBFIA lC-pqMHWODiKWAAaJLUAnju7QKAAQGKAQNVU0SSAQEG8G-YAawCoAH6AagBAbABALgBAcABBcgBANABA NgBAOABAPABAIoCV3VmKCdhJywgMjQ4Mzg3LCAxNDQ2NzU1OTM5KTt1ZignYycsIDQwMjE3ODQsIDE0N DY3NTU5MzkpO3VmKCdyJywgMTUyNTg0MzAsMjsA8NSSAsUBIWdpOUJOUWlZdlBVQkVMNm1vd2NZQUNEZ zRpa3dBRGdBUUFCSXpCRlFqYml3QWxnQVlMMERhQUJ3Qm5qSUZJQUJEb2dCeUJTUUFRR1lBUUdnQVFHb 0FRT3dBUUM1QVJ1X1RhS1UtQUpBd1FGYWNHTjNVWjRFUU1rQmVhbG4ySEJMNlRfWkFWT1dJWTUxY2UwX zRBRUE2Z0VITVRjek1EQTRPZlVCQUFBQUFJQUNBWWdDcWN4cGtBSUJtQUtLaHJTQUJBLi6aAh0hbEFhc lBBaVkuyADwoTRPSXBJQUEusgISNDIxNjgxNDM1NzgyMTYzMjE12ALVA-AC2MYG6gI8aHR0cDovL3d3d y5jb21wdXRlcmJhc2UuZGUvMjAxNS0xMS94cGVyaWEtejUtY29tcGFjdC10ZXN0LzQvgAMBiAMBkAMAm AMQoAMBqgMAsAMAuAMAwAOsAsgDANgDm60k4AMA6AMA8AMA-AMDgAQAkgQEL2FzaZgEAA..&s=afedfa c6f1cea8a5f837f326af950d39c12eaef1&referrer=http%3A%2F%2Fwww.computerbase.de%2F2 015-11%2Fxperia-z5-compact-test%2F4%2F&pp=1.11" wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' [virus] gefunden. Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert 04.11.2015 23:42 [Browser-Schutz] Malware gefunden Beim Zugriff auf Daten der URL "hxxp://ams1.ib.adnxs.com/ab?e=wqT_3QLwBPBCZwIAAAIA1gAFCNGT6rEFEKf9wfWmm6TNdBiNm bXv7uaFkDIgASotCVlgdrh-0RFAEZ4w5wp2tw9AGbgehetRuB9AIRESBClZDSSgMOe4sAI4_QpAzBFIA lC-pqMHWPPiKWAAaP20A3j0B4ABAYoBA1VTRJIFBvBvmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQDQAQDYA QDgAQDwAQCKAld1ZignYScsIDI0ODM4NywgMTQ0NjY3Njk0NSk7dWYoJ2MnLCA0MDIxNzgyLCAxNDQ2N jc2OTQ1KTt1ZigncicsIDE1MjU4NDMwLDI7APDQkgLBASEzQzRIclFpV3ZQVUJFTDZtb3djWUFDRHo0a Wt3QURnQVFBQkl6QkZRNTdpd0FsZ0FZTDBEYUFCd0FuZ1dnQUVLaUFFSWtBRUJtQUVCb0FFQnFBRURzQ UVBdVFGbVptWm1abVlRUU1FQldXQjJ1SDdSRVVESkFUWXhQSVRPU2ZrXzJRSDVvR2V6Nm5QdFAtQUJBT 29CQnpFM016QXdPRG4xQVFBQUFBQ0FBZ0dJQXFuTWFaQUNBWmdDaW9hMGdBUS6aAh0hcFFic1BBaVcux ADwkzgtSXBJQUEusgISNDIxNjgxNDM1NzgyMTYzMjE12ALVA-AC2MYG6gIuaHR0cDovL3d3dy5rc3RhL mRlL2hvbWUvMTUxODk1MTYsMTUxODk1MTYuaHRtbIADAYgDAZADAJgDEKADAaoDALADALgDAMADrALIA wDYA8OiMeADAOgDAPADAPgDA4AEAJIEBC9hc2mYBAA.&84 13920b&referrer=http%3A%2F%2Fwww.ksta.de%2Fhome%2F15189516%2C15189516.html&pp=3. 39" wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' [virus] gefunden. Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert 04.11.2015 23:42 [Browser-Schutz] Malware gefunden Beim Zugriff auf Daten der URL "hxxp://ams1.ib.adnxs.com/ab?e=wqT_3QLwBPBCZwIAAAIA1gAFCNGT6rEFEKf9wfWmm6TNdBiNm bXv7uaFkDIgASotCVlgdrh-0RFAEZ4w5wp2tw9AGbgehetRuB9AIRESBClZDSSgMOe4sAI4_QpAzBFIA lC-pqMHWPPiKWAAaP20A3j0B4ABAYoBA1VTRJIFBvBvmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQDQAQDYA QDgAQDwAQCKAld1ZignYScsIDI0ODM4NywgMTQ0NjY3Njk0NSk7dWYoJ2MnLCA0MDIxNzgyLCAxNDQ2N jc2OTQ1KTt1ZigncicsIDE1MjU4NDMwLDI7APDQkgLBASEzQzRIclFpV3ZQVUJFTDZtb3djWUFDRHo0a Wt3QURnQVFBQkl6QkZRNTdpd0FsZ0FZTDBEYUFCd0FuZ1dnQUVLaUFFSWtBRUJtQUVCb0FFQnFBRURzQ UVBdVFGbVptWm1abVlRUU1FQldXQjJ1SDdSRVVESkFUWXhQSVRPU2ZrXzJRSDVvR2V6Nm5QdFAtQUJBT 29CQnpFM016QXdPRG4xQVFBQUFBQ0FBZ0dJQXFuTWFaQUNBWmdDaW9hMGdBUS6aAh0hcFFic1BBaVcux ADwkzgtSXBJQUEusgISNDIxNjgxNDM1NzgyMTYzMjE12ALVA-AC2MYG6gIuaHR0cDovL3d3dy5rc3RhL mRlL2hvbWUvMTUxODk1MTYsMTUxODk1MTYuaHRtbIADAYgDAZADAJgDEKADAaoDALADALgDAMADrALIA wDYA8OiMeADAOgDAPADAPgDA4AEAJIEBC9hc2mYBAA.&84 13920b&referrer=http%3A%2F%2Fwww.ksta.de%2Fhome%2F15189516%2C15189516.html&pp=3. 39" wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' [virus] gefunden. Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert 04.11.2015 23:37 [Browser-Schutz] Malware gefunden Beim Zugriff auf Daten der URL "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QLaDfT4AdEGAAACANYABQi9keqxBRCwgfjctc6k4CkYj Zm17-7mhZAyIAEqLQlsZ5ba_b0xQBHfT42XblIvQBleukkMAqsjQCFohrLXIS88QCkGBU9L7-0_QDDOo rUBOOUCQMwRSAJQ25SwEVi9yAFgAGjfYHiAnAOAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBA sABBcgBANABANgBAOABAOoBrghodHRwJTNBJTJGJTJGb3gtZC5rbGVpbmFuemVpZ2VuLnNlcnZlZGJ5b 3BlbnguY29tJTJGdyUyRjEuMCUyRnJjJTNGYmklM0Q0ZDk0OGUwZi1mNGNmLTQwYmEtOGUzYy01NjI5Z DU5OTY5MDMlMjZ0cyUzRDFmSEpwWkQxbE5UZ3dOek5pT1MxaVpXSTFMVFEzWW1JdE9XVmpNaTFpWmpCb U1UUmlaVE15TkRsOGNuUTlNVFEwTmpZM05qWTJPSHhoZFdsa1BUVXpPREEwTURrd01YeGhkVzA5UkUxS lJDNVhSVUo4YzJsa1BUVXpOekl3TlRNMk5ueHdkV0k5TlRNM01URTFOVFl4ZkhCalBVVlZVbnh5WVdsa 1BXRXlNalkzTnpSaUxUbGlZV1V0TkdFelppMWhOamd5TFRKa05qUTVNbUptTm1ZelkzeGhhV1E5TlQBV BxVM05qazNmSAGwREo4WVhNOU16QXdlREkxTUh4cxko9DABSTFNekUwZkc5cFpEMDFNemN4TURFNU56R jhjRDB4TlRZMk1YeHdjajB4TWpneU5ueGhkR0k5TWpVMk5ETjhZV1IyUFRVek56QTNNalF3TUh4aFl6M VZVMFI4Y0cwOVVGSkpRMGxPUnk1RFVFMThiVDB4ZkdGcFBURTFNbVF3TjJJeExXUmhOREV0TkdNME1DM WhaREU0TFdabE56UmpNalk1TlRNMFlYeHRZejFIUWxCOGJYSTlNVFUyTm54d2FUMDVNVFEwZkcxMWFUM HhNRGsxWmpZME5pMHpOVEV6TFRSaVl6Y3ROR0V3TUMwMVlqQTRZalZsWkRJd1lUTjhiV0U5TlRoa05qa GhNV1V0WkRjellTMDBNMk15TFRrMVlqUXRZekpqTkdFd05qRTRNV1EBbAR5ZCEcgERRMk5qYzJOalk0Z kcxeVl6MVRVbFJmVjA5T2ZHMTNZVCVQsHdOekkwTURCOFkyczlNWHh0ZDJKcFBUSTBNVGQ4YlhkaVBUR TRNamd5ZkcxaD10DGxiR2MFMDhiMk05VlZORWZHMXZjajAllBRmRzF3WXoxEGBCeVBUa3hORFI4YlhCb VBURTVPVGw4YlcxAQwMME1qVgEYuHVaajB4T1RrNWZHMXRibVk5TVRReU5YeHdZM1k5TXpSOGJXODlUM Wd0UjBKOFpXQTAcWTBOREEyTmoBqDRCMVBURTBNRGsxZkcxah2oGHRkMk05TlRBdBRBeE9UY3gB_ABjU UwQalV6TVQBmAxkamNqJRAUeE5UYzJPCfwIcGN6QRDwaTEzY0hROWIzaGZjSEp2ZEc5OGRYSTlVRzFsZ VhVeVNHWkdRZyUyNnIlM0TwAQD6AQZ2ZXJ0LTaKAld1ZignYScsIDI0ODM4NywgMTQ0NjY3NjY2OSk7d WYoJ2MnLCA0MDIxNzg1LCAxNDQyHQAwcicsIDM2NDQwNjY3LDI7APCckgLBASE4eXlMRUFpWnZQVUJFT nVVc0JFWUFDQzl5QUV3QURnQVFBQkl6QkZRenFLMUFWZ0FZTDBEYUFCd0FIZ0FnQUVJaUFFQWtBRUJtQ UVCb0FFQnFBRURzQUVBdVFFX2NCNGZTbU05UU1FQkJnVlBTLV90UDBESkFTcWdhYi1HbHdOQTJRSDVvR 2V6Nm5QdFAtQUJBT29CQnpFM2HIsE9EbjFBUUFBQUFDQUFnR0lBcW5NYVpBQ0FaZ0Npb2EwZ0FRLpoCH SFVZ1paUDrEAEh2Y2dCSUFBLtgCAOAC5uwY6gJxoYQsOi8vd3d3LmViYXktNoIFFGRlL3MtYamQ8IUve m90YWMtbnZpZGlhLWd0eDY4MC0yZ2Itc3BlaWNoZXItc2Voci1ndXRlci16dXN0YW5kLS8zNzY2NzM5N zUtMjI1LTk4M4ADAYgDAJADAJgDC6ADAaoDALADALgDAMADrALIAwDYA-uUVuADAOgDAPADAPgDA4AEA JIEBi9vcGVueJgEAA..&b8c8d24b&referrer=http%3A% 2F%2Fwww.ebay-kleinanzeigen.de%2Fs-anzeige%2Fzotac-nvidia-gtx680-2gb-speicher-se hr-guter-zustand-%2F376673975-225-983" wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' [virus] gefunden. Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert 04.11.2015 23:37 [Browser-Schutz] Malware gefunden Beim Zugriff auf Daten der URL "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK6DfR3AbEGAAACANYABQiQkeqxBRDs88Sau7C6r3wYj Zm17-7mhZAyIAEqLQn_I0UQvcspQBGF61G4HsUmQBm28_3UeGksQCH9HV2K5_I3QCl8PhteoCE7QDDOo rUBOOUCQMwRSAJQuO_7DFi9yAFgAGjfYHjy5wOAAQGKAQNVU0SSAQNVU0SYAaABoAHYBKgBAbABALgBA sABBcgBANABANgBAOABAOoBrAhodHRwJTNBJTJGJTJGb3gtZC5rbGVpbmFuemVpZ2VuLnNlcnZlZGJ5b 3BlbnguY29tJTJGdyUyRjEuMCUyRnJjJTNGYmklM0Q0ZDk0OGUwZi1mNGNmLTQwYmEtOGUzYy01NjI5Z DU5OTY5MDMlMjZ0cyUzRDFmSEpwWkQxa05qRmlNRGRsTkMwNU5ETXlMVFF4TUdNdFltSTJNQzB4TjJRM k5XSTBZMlZrTlRaOGNuUTlNVFEwTmpZM05qWXlNM3hoZFdsa1BUVXpPREEwTURrd00FFDwwOVJFMUpSQ zVYUlVKOGMyCSTwY056SXdOVE0yTm54d2RXSTlOVE0zTVRFMU5UWXhmSEJqUFVWVlVueHlZV2xrUFRab FpUTXhNR1V3TFRjelpqUXROR0l4TnkxaVl6RTJMVEk0T0dRME5XUmlZV1EwT1h4aGFXUTkBVCRPRFl5T 1RVeGZIAbBISjhZWE05TVRZd2VEWXdNSHhzYQ0o6E1USTFNekUwZkc5cFpEMDFNemN4TURFNU56RjhjR DB4TVRNNE5YeHdjajA1TXpJemZHRjBZajB5TVRjARgMaFpIWQnE8GxEY3lOREF3ZkdGalBWVlRSSHh3Y lQxUVVrbERTVTVITGtOUVRYeHRQVEY4WVdrOU1UVXlaREEzWWpFdFpHRTBNUzAwWXpRd0xXRmtNVGd0W m1VM05HTXlOamsxTXpSaGZHMWpQVWRDVUh4dGNqBZjwqzVmSEJwUFRZMk5EZDhiWFZwUFRFd09UVm1Oa lEyTFRNMU1UTXROR0pqTnkwMFlUQXdMVFZpTURoaU5XVmtNakJoTTN4dFlUMWpOelptT0RNMU5pMDFZa kUyTFRRek1tSXRPV1kxTkMxbVpERmtNakkzWW1Vek16UjhiWEowUFRFME5EWTJOelkyTWpOOGJYSmpQV k5TVkY5WFQwNThiWGRoUFRVek56QTNNalEhdMhqYXoweGZHMTNZbWs5TWpReE4zeHRkMkk5TVRVMU16R jhiV0Z3UFRFeE16ZzFmR1ZzWnoFMDB2WXoxVlUwUjhiVzl5CSAYbDhiWEJqUDEQGEhJOU5qWTABUDRjR 1k5TVRrNU9YeHRiVwEMdFF5Tlh4dGNHNW1QVEU1T1RsOGJXMXVaajB4TkRJMUF08DxkajB6Tkh4dGJ6M VBXQzFIUW54bFl6MHlOekU1TlRNeU1IeHRjSFU5TVRBeU5EWjhiV053UFRFeE16ZzFmAdAAejY4AhRiW GR3UFQB_BRFeU5UTXgBXAxkMk55CRQcZzJNamsxTVgB_ARsekEQATDwY2REMXZlRjl3Y205MGIzeDFja jFJTUhGNlpsSnVaWFJVJTI2ciUzRPABAPoBBnZlcnQtNooCV3VmKCdhJywgMjQ4Mzg3LCAxNDQ2Njc2N jI0KTt1ZignYycsIDQwMjE3ODUsIDE6HQAAcgE5GDcxOTUzMjA2HgDw0JICwQEhOEM1eXRnaVp2UFVCR Uxqdi13d1lBQ0M5eUFFd0FEZ0FRQUJJekJGUXpxSzFBVmdBWUwwRGFBQndCSGdBZ0FFR2lBRUFrQUVCb UFFQm9BRUJxQUVEc0FFQXVRRjJpSnNyd2ZnNFFNRUJmRDRiWHFBaE8wREpBZmxhRWgzV3BRQkEyUUg1b 0dlejZuUHRQLUFCQU9vQkJ6RTNNekF3T0RuMUFRQUFBQUNBQWdHSUFxbk1hWkFDQVpnQ2lvTHNodzAum gIdITBBWmpRQWlaLsQAiHZjZ0JJQUEu2AIA4ALm7BjqAlNodHRwOi8vd3d3LmViYXktNoAF8HNkZS9zL TUwNzM5L3NvcnRpZXJ1bmc6ZW50ZmVybnVuZy9ndHgtNjgwL2swbDE2NzYzcjIwMIADAYgDAJADAJgDC 6ADAaoDALADALgDAMADrALIAwDYA-uUVuADAOgDAPADAPgDA4AEAJIEBi9vcGVueJgEAA..&s=b309a7 313dffda6d1496bb338e048335706724a0&referrer=http%3A%2F%2Fwww.ebay-kleinanzeigen. de%2Fs-50739%2Fsortierung%3Aentfernung%2Fgtx-680%2Fk0l16763r200" wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' [virus] gefunden. Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert 04.11.2015 23:36 [Browser-Schutz] Malware gefunden Beim Zugriff auf Daten der URL "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QKoDfR3AZ8GAAACANYABQiAkeqxBRD8m6L3j9_vkjYYj Zm17-7mhZAyIAEqLQkZ3KGpRXo2QBGe76fGS9czQBm28_3UeGksQCGwUxlg1iE7QCmhVB2e2rw-QDDOo rUBOOUCQMwRSAJQuO_7DFi9yAFgAGjfYHj7mQKAAQGKAQNVU0SSAQNVU0SYAaABoAHYBKgBAbABALgBA sABBcgBANABANgBAOABAOoBsAhodHRwJTNBJTJGJTJGb3gtZC5rbGVpbmFuemVpZ2VuLnNlcnZlZGJ5b 3BlbnguY29tJTJGdyUyRjEuMCUyRnJjJTNGYmklM0Q0ZDk0OGUwZi1mNGNmLTQwYmEtOGUzYy01NjI5Z DU5OTY5MDMlMjZ0cyUzRDFmSEpwWkQwMVpqSXdNamd3TWkxak5qQmtMVFEwWTJVdE9EWXpZaTFtWXpZd 05tRTNaVGN4TTJKOGNuUTlNVFEwTmpZM05qWXdOM3hoZFdsa1BUVXpPREEzT0RjeU0FFDwwOVJFMUpSQ zVYUlVKOGMyCSTwY056SXdOVE0yTm54d2RXSTlOVE0zTVRFMU5UWXhmSEJqUFVWVlVueHlZV2xrUFdFe U1HWXlZbVZrTFROak5USXROR0U0T1MwNU56RXpMVEEzWkRGaE1ESmhNall3TTN4aGFXUTkJVBxVM05Ea zVmSAGwSEo4WVhNOU1UWXdlRFl3TUh4c2EVKPBMSTFNekUwZkc5cFpEMDFNemN4TURFNU56RjhjRDB4T 1RnME1YeHdjajB4TmpJMU1IeGhkR0k5TWpRMk9EaDhZV1IyUFRVek56QTNNalEBXPDwaFl6MVZVMFI4Y 0cwOVVGSkpRMGxPUnk1RFVFMThiVDB4ZkdGcFBURTFNbVF3TjJJeExXUmhOREV0TkdNME1DMWhaREU0T FdabE56UmpNalk1TlRNMFlYeHRZejFIUWxCOGJYSTlNVGs0Tkh4d2FUMHhNVFU0Tlh4dGRXazlNVEE1T ldZMk5EWXRNelV4TXkwMFltTTNMVFJoTURBdE5XSXdPR0kxWldReU1HRXpmRzFoUFRnek9EQXhORFE1T FdOaFpqRXROR1JpWVMwNU4yVmxMVFUzWWpZMVptVmlaR0ptTW54dGNuUTlNVFEwTmpZM00ITHRjbU05V TFKVVgxZFBUbnh0ZDJFKeB8RGN5TkRBd2ZHTnJQVEY4YlhkaWFUMHlOREUzZkcxM1khXAB6JZgMdFlYQ QncGERGOFpXeG4FMDRXOWpQVlZUUkh4dGIzSQkgNEh4dGNHTTlSMEpRZkcxJaAETVQpCAhjR1kBJBg1T 1h4dGJXAQwMUXlOWAEwODVtUFRFNU9UbDhiVzF1WgF4CERJMUF4DGRqMHoBVGBiejFQV0MxSFFueGxZe jB5TnpFNU5UTXlNAXA4SFU5TVRjNE5UZDhiV053BUwIRFF4BcQAejY8AhBiWGR3UEUYFEV5TlRNeAFcD GQyTnkNFAwxTnpRBaAMZDJsegXk8FRYZHdkRDF2ZUY5d2NtOTBiM3gxY2oxVmNHUnNaVXhpUm5abyUyN nIlM0TwAQD6AQZ2ZXJ0LTaKAld1ZignYScsIDI0ODM4NywgMTQ0NjY3NjYwOCk7ARwoYycsIDQwMjE3O DVGHQAscicsIDI3MTk1MzIwNh4A8NCSAsEBIWZ5NFVsd2ladlBVQkVManYtd3dZQUNDOXlBRXdBRGdBU UFCSXpCRlF6cUsxQVZnQVlMMERhQUJ3QUhnQWdBRUNpQUVNa0FFQm1BRUJvQUVCcUFFRHNBRUF1UUcwW TBWQ2ZrbzhRTUVCb1ZRZG50cThQa0RKQVhoQ0xpeFUzQUpBMlFINW9HZXo2blB0UC1BQkFPb0JCekUzT XpBd09EbjFBUUFBQUFDQUFnR0lBcW5NYVpBQ0FaZ0Npb0xzaHcwLpoCHSEwQVpqUUFpWi7EAIh2Y2dCS UFBLtgCAOAC5uwY6gI9aHR0cDovL3d3dy5lYmF5LTaEBfBdZGUvcy01MDczOS9ndHgtNjgwL2swbDE2N zYzcjIwMIADAYgDAJADAJgDC6ADAaoDALADALgDAMADrALIAwDYA-uUVuADAOgDAPADAPgDA4AEAJIEB i9vcGVueJgEAA..&09dc4f75&referrer=http%3A%2F%2 Fwww.ebay-kleinanzeigen.de%2Fs-50739%2Fgtx-680%2Fk0l16763r200" wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' [virus] gefunden. Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert 04.11.2015 23:36 [Browser-Schutz] Malware gefunden Beim Zugriff auf Daten der URL "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QKmDfR3AZ0GAAACANYABQiAkeqxBRC4m6K_ndnVq1YYj Zm17-7mhZAyIAEqLQkmzDMypwEzQBH0_dR46cYwQBm28_3UeGksQCERpCkdKXo1QCnNiMR2zFQ4QDDOo rUBOOUCQMwRSAJQuO_7DFi9yAFgAGjfYHjFkwOAAQGKAQNVU0SSAQNVU0SYAaABoAHYBKgBAbABALgBA sABBcgBANABANgBAOABAOoBrghodHRwJTNBJTJGJTJGb3gtZC5rbGVpbmFuemVpZ2VuLnNlcnZlZGJ5b 3BlbnguY29tJTJGdyUyRjEuMCUyRnJjJTNGYmklM0Q0ZDk0OGUwZi1mNGNmLTQwYmEtOGUzYy01NjI5Z DU5OTY5MDMlMjZ0cyUzRDFmSEpwWkQxaE16QTROemN6TXkxa01EWTRMVFF3TjJNdE9XVmpNQzAxWlRNM U1qQTROR0l5TkdOOGNuUTlNVFEwTmpZM05qWXdOM3hoZFdsa1BUVXpPREEwTURrd00FFDwwOVJFMUpSQ zVYUlVKOGMyCSTwY056SXdOVE0yTm54d2RXSTlOVE0zTVRFMU5UWXhmSEJqUFVWVlVueHlZV2xrUFRJN U9EQTVNemM1TFdVMFpHTXRORFppTmkwNVlqUm1MVGhoTW1OaFkyUmtaVFZsWkh4aGFXUTkBVCRPRFl5T 1RVeGZIAbBISjhZWE05TVRZd2VEWXdNSHhzYQ0o8E5NVEkxTXpFMGZHOXBaRDAxTXpjeE1ERTVOekY4Y 0QweE5qYzNOM3h3Y2oweE16YzBNSHhoZEdJOU1UazFNemQ4WVdSMlBUVXpOekEzTWpRAVyoaFl6MVZVM FI4Y0cwOVVGSkpRMGxPUnk1RFVFMThiVDB4ZkdGcFBURTFNbSFs0El4TFdSaE5ERXROR00wTUMxaFpER TRMV1psTnpSak1qWTVOVE0wWVh4dFl6MUhRbEI4YlhJAcwFmPB4YVQwNU56azJmRzExYVQweE1EazFaa lkwTmkwek5URXpMVFJpWXpjdE5HRXdNQzAxWWpBNFlqVmxaREl3WVROOGJXRTlOMlptWkRjMU5Ea3Raa kkyWmkwME16aG1MV0UxTkRBdE1USmxOVGxoTlRrMlpEbGxmRzF5ZCEcgERRMk5qYzJOakEzZkcxeVl6M VRVbFJmVjA5T2ZHMTNZVCVQsHdOekkwTURCOFkyczlNWHh0ZDJKcFBUSTBNVGQ4YlhkaVBURXpPVEk0Z kcxaD10DGxiR2MFMDRiMk05VlZORWZHMXZjaimUEGZHMXdZNRBgQnlQVGszT1RaOGJYQm1QVEU1T1RsO GJXMQEMDDBNalYBGPBAdVpqMHhPVGs1ZkcxdGJtWTlNVFF5Tlh4d1kzWTlNelI4Ylc4OVQxZ3RSMEo4W ldNOU1qY3hPVFV6TWpCOGJYQjEltBhUQXdmRzFqHagMdGQyTU3IFEF4T1RjeAH8AGNRTBRqVXpNVFIB6 AhqY2olEBw0TmpJNU5URgEUCHBjekEQ8GkxM2NIUTliM2hmY0hKdmRHOThkWEk5Y25scE1FVk1PWFJFZ HclMjZyJTNE8AEA-gEGdmVydC02igJXdWYoJ2EnLCAyNDgzODcsIDE0NDY2NzY2MDgpO3VmKCdjJywgN DAyMTc4NSwgMTQ0Mh0AAHIBORw3MTk1MzIwLDI7APDQkgLBASFiVE5DdUFpWnZQVUJFTGp2LXd3WUFDQ zl5QUV3QURnQVFBQkl6QkZRenFLMUFWZ0FZTDBEYUFCd0FIZ0FnQUVDaUFFTWtBRUJtQUVCb0FFQnFBR URzQUVBdVFIU05lMS1fR1EyUU1FQnpZakVkc3hVT0VESkFXN3k1bFA3Ml8wXzJRSDVvR2V6Nm5QdFAtQ UJBT29CQnpFM016QXdPRG4xQVFBQUFBQ0FBZ0dJQXFuTWFaQUNBWmdDaW9Mc2h3MC6aAh0hMEFaalFBa VouxABIdmNnQklBQS7YAgDgAubsGOoCPaGELDovL3d3dy5lYmF5LTaCBfBdZGUvcy01MDczOS9ndHgtN jgwL2swbDE2NzYzcjIwMIADAYgDAJADAJgDC6ADAaoDALADALgDAMADrALIAwDYA-uUVuADAOgDAPADA PgDA4AEAJIEBi9vcGVueJgEAA..&01ceae40&referrer= http%3A%2F%2Fwww.ebay-kleinanzeigen.de%2Fs-50739%2Fgtx-680%2Fk0l16763r200" wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' [virus] gefunden. Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert 04.11.2015 23:30 [Browser-Schutz] Malware gefunden Beim Zugriff auf Daten der URL "hxxp://ams1.ib.adnxs.com/ab?e=wqT_3QLeBPBCVQIAAAIA1gAFCI2O6rEFEIqtnJPSwZXfExiNm bXv7uaFkDIgASotCcjqk1lg-iVAEXp8Z5d5jyNAGQAAAAAAABxAIRESBCnIDSSoMI24sAI4_QpAzBFIA lC-pqMHWODiKWAAaJLUAnjy2wOAAQGKAQNVU0SSAQEG8G-YAawCoAH6AagBAbABALgBAcABBcgBANABA NgBAOABAPABAIoCV3VmKCdhJywgMjQ4Mzg3LCAxNDQ2Njc2MjM3KTt1ZignYycsIDQwMjE3ODUsIDE0N DY2NzYyMzcpO3VmKCdyJywgMTUyNTg0MzAsMjsA8NCSAsEBIW5UQlAtUWladlBVQkVMNm1vd2NZQUNEZ zRpa3dBRGdBUUFCSXpCRlFqYml3QWxnQVlMMERhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFR HNBRUF1UUhOUG9oTmhEb2tRTUVCeU9xVFdXRDZKVURKQWJ4VFlHZXctT29fMlFINW9HZXo2blB0UC1BQ kFPb0JCekUzTXpBd09EbjFBUUFBQUFDQUFnR0lBcW5NYVpBQ0FaZ0Npb2EwZ0FRLpoCHSFsUWE2UEFpW i7EAPCANE9JcElBQS6yAhI0MjE2ODE0MzU3ODIxNjMyMTXYAtUD4ALYxgbqAhtodHRwOi8vd3d3LmNvb XB1dGVyYmFzZS5kZS-AAwGIAwGQAwCYAxCgAwGqAwCwAwC4AwDAA6wCyAMA2AObrSTgAwDoAwDwAwD4A wOABACSBAQvYXNpmAQA&fda39d1b&referrer=http%3A% 2F%2Fwww.computerbase.de%2F&pp=5.95" wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' [virus] gefunden. Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015 durchgeführt von ToDaKo (Administrator) auf TODAKO-PC (05-11-2015 22:53:15) Gestartet von C:\Users\ToDaKo\Desktop Geladene Profile: ToDaKo & (Verfügbare Profile: ToDaKo) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (Malwarebytes) E:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) E:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Malwarebytes) E:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Spotify Ltd) C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (CMedia) C:\Program Files\ASUS Xonar D2X Audio\Customapp\AsusAudioCenter.exe (© 2015 Microsoft Corporation) C:\Users\ToDaKo\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor) HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-08] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-11-25] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [371864 2012-04-05] (Citrix Systems, Inc.) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Run: [Spotify Web Helper] => C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-14] (Spotify Ltd) HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Run: [BingSvc] => C:\Users\ToDaKo\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation) HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-14] (Spotify Ltd) HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BingSvc] => C:\Users\ToDaKo\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries) AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [257176 2012-04-05] (Citrix Systems, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{1DF3BC36-5737-4EC1-905E-E0057CC887A2}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: CtxIEInterceptorBHO Class -> {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} -> C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll [2012-04-05] (Citrix Systems, Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.) FireFox: ======== FF ProfilePath: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default FF DefaultSearchEngine: Google Default FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: hxxps://maps.google.de/ FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-04-05] (Citrix Systems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC) FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC) FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\bing-.xml [2015-08-19] FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\google-default.xml [2014-03-25] FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\google-ssl.xml [2014-05-03] FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\ixquick-ssl.xml [2014-03-26] FF Extension: Bing Search - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\bingsearch.full@microsoft.com [2015-08-18] [ist nicht signiert] FF Extension: German Dictionary - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-10] [ist nicht signiert] FF Extension: Move Media Player - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\moveplayer@movenetworks.com [2013-11-30] [ist nicht signiert] FF Extension: NoScript - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-28] FF Extension: Adblock Plus - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-10-19] [ist nicht signiert] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "E:\Program Files (x86)\MediaGoDetector.crx" <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-24] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] () R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [Datei ist nicht signiert] S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION) S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-02] (Macrovision Europe Ltd.) [Datei ist nicht signiert] R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 MbaeSvc; E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation) R2 MBAMScheduler; E:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; E:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation) S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-31] (Electronic Arts) S2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-29] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-24] (Avira Operations GmbH & Co. KG) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1267200 2010-10-28] (C-Media Inc) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 ESProtectionDriver; E:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] () S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-02-23] (Sony Mobile Communications) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-05] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-05 22:53 - 2015-11-05 22:53 - 02198528 _____ (Farbar) C:\Users\ToDaKo\Desktop\FRST64.exe 2015-11-05 22:53 - 2015-11-05 22:53 - 00026155 _____ C:\Users\ToDaKo\Desktop\FRST.txt 2015-11-04 21:17 - 2015-11-04 23:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-03 19:46 - 2015-11-03 19:47 - 00000000 ____D C:\Program Files (x86)\QuickTime 2015-11-03 19:46 - 2015-11-03 19:46 - 00000000 ____D C:\Users\ToDaKo\AppData\LocalLow\Apple Computer 2015-11-03 19:46 - 2015-11-03 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2015-10-21 20:08 - 2015-10-21 20:08 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-10-21 20:08 - 2015-10-21 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-10-21 20:07 - 2015-10-21 20:08 - 00000000 ____D C:\Program Files\iTunes 2015-10-21 20:07 - 2015-10-21 20:07 - 00000000 ____D C:\Program Files\iPod 2015-10-21 20:07 - 2015-10-21 20:07 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-10-15 13:43 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-10-15 13:43 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-10-15 13:43 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-10-15 13:43 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-10-15 13:43 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-10-15 13:43 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-10-15 13:43 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-10-14 13:29 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-10-14 13:29 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-10-14 13:29 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-10-14 13:29 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-10-14 13:29 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-10-14 13:29 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-10-14 13:29 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-10-14 13:29 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-10-14 13:29 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-10-14 13:29 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-10-14 13:29 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-10-14 13:29 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-10-14 13:29 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-10-14 13:29 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-10-14 13:29 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-10-14 13:29 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-10-14 13:29 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-10-14 13:29 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-10-14 13:29 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-10-14 13:29 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-10-14 13:29 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-10-14 13:29 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-10-14 13:29 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-10-14 13:29 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-10-14 13:29 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-10-14 13:29 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-10-14 13:29 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-10-14 13:29 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-10-14 13:29 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-10-14 13:29 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-10-14 13:29 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-10-14 13:29 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-10-14 13:29 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-10-14 13:29 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-10-14 13:29 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-10-14 13:29 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-10-14 13:29 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-10-14 13:29 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-10-14 13:29 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-10-14 13:29 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-10-14 13:29 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-10-14 13:29 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-10-14 13:29 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-10-14 13:29 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-10-14 13:29 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-10-14 13:29 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-10-14 13:29 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-10-14 13:29 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-10-14 13:29 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-10-14 13:29 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-10-14 13:29 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-10-14 13:29 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-10-14 13:29 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-10-14 13:29 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-10-14 13:29 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-10-14 13:29 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-10-14 13:29 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-10-14 13:29 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-10-14 13:29 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-10-14 13:29 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-10-14 13:29 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-10-14 13:29 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-10-14 13:29 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-10-14 13:29 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-10-14 13:29 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-10-14 13:29 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2015-10-14 13:29 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-10-14 13:29 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2015-10-14 13:28 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-10-14 13:28 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-10-14 13:28 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-10-14 13:28 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-10-14 13:28 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-10-14 13:28 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-10-14 13:28 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-10-14 13:28 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-10-14 13:28 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-10-14 13:28 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-10-14 13:28 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-10-14 13:28 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-10-14 13:28 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-10-14 13:28 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-10-14 13:28 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-10-14 13:28 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-10-14 13:28 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-10-14 13:28 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-10-14 13:28 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-10-14 13:28 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-10-14 13:28 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-10-14 13:28 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-10-14 13:28 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-10-14 13:28 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-10-14 13:28 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-10-14 13:28 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-10-14 13:28 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-10-14 13:28 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-10-14 13:28 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-10-14 13:28 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-10-14 13:28 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-10-14 13:28 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-10-14 13:28 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-10-14 13:28 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-10-14 13:28 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-10-14 13:28 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-10-14 13:28 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-10-14 13:28 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-10-14 13:28 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-10-14 13:28 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-10-14 13:28 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-10-14 13:28 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-10-14 13:28 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-10-14 13:28 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-10-14 13:28 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-10-14 13:28 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-10-14 13:28 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-10-14 13:28 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-10-14 13:28 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-10-14 13:28 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-10-14 13:28 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-10-14 13:28 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-10-14 13:28 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-10-14 13:28 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-10-14 13:28 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-10-14 13:28 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-10-14 13:28 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-10-14 13:28 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-10-14 13:28 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-10-14 13:28 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-10-14 13:28 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-10-14 13:28 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-10-14 13:28 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-10-14 13:28 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-10-14 13:28 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-10-14 13:28 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-10-14 13:28 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-10-14 13:28 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-10-14 13:28 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-10-14 13:28 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-10-14 13:28 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-10-14 13:28 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-10-14 13:28 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-10-14 13:28 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-10-14 13:28 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-10-14 13:28 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-10-14 13:28 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-10-14 13:28 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-10-14 13:28 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-10-14 13:28 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-10-14 13:28 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-10-14 13:28 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-10-14 13:28 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-10-14 13:28 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-10-14 13:28 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-10-14 13:28 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-10-14 13:28 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2015-10-14 13:28 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-05 22:53 - 2015-06-01 22:03 - 00000000 ____D C:\FRST 2015-11-05 22:43 - 2014-03-15 21:25 - 00000000 ____D C:\Users\ToDaKo\Desktop\Sicherheit 2015-11-05 22:42 - 2014-10-11 13:42 - 00000911 _____ C:\Windows\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job 2015-11-05 22:42 - 2014-10-11 13:42 - 00000725 _____ C:\Windows\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job 2015-11-05 22:42 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-11-05 22:23 - 2014-05-01 23:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-05 22:22 - 2013-12-11 21:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-05 22:11 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-05 22:11 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-05 22:03 - 2013-11-29 22:22 - 01123220 _____ C:\Windows\WindowsUpdate.log 2015-11-05 22:03 - 2011-04-12 08:43 - 00699092 _____ C:\Windows\system32\perfh007.dat 2015-11-05 22:03 - 2011-04-12 08:43 - 00149232 _____ C:\Windows\system32\perfc007.dat 2015-11-05 22:03 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-05 21:57 - 2013-11-29 22:46 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-05 21:57 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-05 21:57 - 2009-07-14 05:51 - 00137356 _____ C:\Windows\setupact.log 2015-11-05 21:53 - 2015-06-01 21:54 - 00000000 ____D C:\AdwCleaner 2015-11-05 21:53 - 2010-11-21 04:47 - 00253218 _____ C:\Windows\PFRO.log 2015-11-05 20:57 - 2014-10-27 09:57 - 00000911 _____ C:\Windows\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job 2015-11-05 20:57 - 2014-10-27 09:57 - 00000725 _____ C:\Windows\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job 2015-11-05 17:56 - 2015-07-26 14:31 - 00003552 _____ C:\Windows\System32\Tasks\GarminUpdaterTask 2015-11-05 17:56 - 2015-07-26 14:31 - 00001890 _____ C:\Users\Public\Desktop\Garmin Express.lnk 2015-11-05 17:56 - 2015-07-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2015-11-05 17:56 - 2014-02-23 15:56 - 00000000 ____D C:\Program Files (x86)\Garmin 2015-11-05 17:56 - 2014-02-23 15:55 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-04 23:41 - 2013-12-01 16:21 - 00000000 ____D C:\Windows\Minidump 2015-11-04 23:31 - 2013-11-30 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-03 19:56 - 2013-12-10 21:34 - 00000000 ____D C:\Users\ToDaKo\AppData\Local\Apple Computer 2015-11-01 20:27 - 2013-12-01 22:37 - 00000020 ____H C:\ProgramData\PKP_DLbw.DAT 2015-11-01 20:27 - 2013-12-01 22:35 - 00000020 ____H C:\ProgramData\PKP_DLbx.DAT 2015-11-01 20:27 - 2013-12-01 22:21 - 00000020 ____H C:\ProgramData\PKP_DLbz.DAT 2015-11-01 20:06 - 2015-05-09 13:33 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-10-30 20:51 - 2013-12-08 18:52 - 00000000 ____D C:\Users\ToDaKo\AppData\Local\CrashDumps 2015-10-30 20:38 - 2014-12-27 10:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-10-29 19:18 - 2015-04-23 20:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-10-26 21:09 - 2013-11-29 22:22 - 00000000 ____D C:\Users\ToDaKo 2015-10-26 20:52 - 2013-12-11 18:55 - 00002026 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2015-10-26 20:52 - 2013-12-11 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-10-26 20:52 - 2013-11-29 22:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-10-26 20:52 - 2013-11-29 22:42 - 00508298 _____ C:\Windows\DPINST.LOG 2015-10-21 20:07 - 2013-12-10 21:34 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-19 22:30 - 2014-10-15 20:57 - 00000000 ____D C:\Users\ToDaKo\Desktop\EPSON Drucker 2015-10-19 22:04 - 2014-10-11 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software 2015-10-19 22:04 - 2014-10-11 13:40 - 00000000 ____D C:\Program Files (x86)\EPSON Software 2015-10-19 22:04 - 2014-10-11 13:40 - 00000000 ____D C:\Program Files (x86)\epson 2015-10-17 10:22 - 2013-12-11 21:47 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-10-17 10:22 - 2013-11-30 23:18 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-10-17 10:22 - 2013-11-30 23:18 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-16 23:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-10-15 18:23 - 2015-04-15 07:21 - 00000000 ____D C:\Windows\system32\appraiser 2015-10-15 18:23 - 2014-04-30 22:01 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-10-15 16:21 - 2014-05-01 23:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-14 22:29 - 2013-11-30 23:58 - 00000000 ____D C:\Windows\system32\MRT 2015-10-14 22:27 - 2013-11-30 23:58 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-10-14 22:27 - 2013-11-30 22:30 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-10-08 17:43 - 2015-04-11 22:59 - 00000000 ___SD C:\Windows\system32\GWX 2015-10-08 16:31 - 2015-09-09 18:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-10-08 13:36 - 2015-04-11 22:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-12-01 22:34 - 2013-12-01 22:41 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Alerts 2013-12-01 22:37 - 2013-12-01 22:37 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Contextual Menu Items 2013-12-01 22:37 - 2013-12-01 22:37 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Core Data Application 2013-12-01 22:21 - 2013-12-01 22:21 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\CustomDataViews 2013-12-01 22:34 - 2013-12-01 22:34 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\filter 2013-12-01 22:35 - 2013-12-01 22:35 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\grep 2013-12-01 22:34 - 2013-12-01 22:34 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\howto 2014-03-20 23:51 - 2014-03-20 23:51 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\laserjet 2015-09-16 20:40 - 2015-09-16 20:40 - 0007609 _____ () C:\Users\ToDaKo\AppData\Local\Resmon.ResmonCfg 2008-02-05 13:28 - 2008-02-05 13:28 - 0000051 _____ () C:\Users\ToDaKo\AppData\Local\setup.txt 2013-12-01 22:34 - 2013-12-01 22:41 - 0000268 ___RH () C:\ProgramData\Analog Pad 2013-12-01 22:35 - 2013-12-01 22:35 - 0000012 ___RH () C:\ProgramData\Analog Sync 2013-12-01 22:34 - 2013-12-01 22:34 - 0000012 ___RH () C:\ProgramData\Applause and Laugher 2014-03-20 23:51 - 2014-03-20 23:51 - 0000012 ___RH () C:\ProgramData\Audio 2013-12-01 22:34 - 2013-12-01 22:41 - 0000012 ___RH () C:\ProgramData\Bundle 2013-12-01 22:37 - 2013-12-01 22:37 - 0000268 ___RH () C:\ProgramData\Dance Kit 2013-12-01 22:37 - 2013-12-01 22:37 - 0000268 ___RH () C:\ProgramData\Database 2013-12-01 22:21 - 2013-12-01 22:21 - 0000268 ___RH () C:\ProgramData\Definition Bundle 2013-12-01 22:37 - 2013-12-01 22:37 - 0000012 ___RH () C:\ProgramData\Jingles 2013-12-01 22:37 - 2013-12-01 22:37 - 0000012 ___RH () C:\ProgramData\Keyboard Layouts 2013-12-01 22:34 - 2013-12-01 22:34 - 0000268 ___RH () C:\ProgramData\laserjet 2013-12-01 22:21 - 2013-12-01 22:21 - 0000012 ___RH () C:\ProgramData\LaserPrinter 2013-12-01 22:35 - 2013-12-01 22:35 - 0000268 ___RH () C:\ProgramData\libiconv 2013-12-01 22:34 - 2013-12-01 22:34 - 0000268 ___RH () C:\ProgramData\manual 2013-12-01 22:37 - 2015-11-01 20:27 - 0000020 ____H () C:\ProgramData\PKP_DLbw.DAT 2013-12-01 22:35 - 2015-11-01 20:27 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT 2013-12-01 22:21 - 2015-11-01 20:27 - 0000020 ____H () C:\ProgramData\PKP_DLbz.DAT 2013-12-01 22:34 - 2013-12-01 22:41 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT 2013-12-01 22:35 - 2014-06-10 09:17 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT 2013-12-01 22:34 - 2015-06-29 18:35 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT 2013-12-01 22:34 - 2014-06-16 14:54 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT 2014-03-20 23:51 - 2014-03-20 23:51 - 0000020 ____H () C:\ProgramData\PKP_DLex.DAT 2013-12-01 22:41 - 2013-12-01 22:41 - 0000000 _____ () C:\ProgramData\User Pictures 2014-03-20 23:51 - 2014-03-20 23:51 - 0000268 ___RH () C:\ProgramData\vhosts Einige Dateien in TEMP: ==================== C:\Users\ToDaKo\AppData\Local\Temp\avgnt.exe C:\Users\ToDaKo\AppData\Local\Temp\Quarantine.exe C:\Users\ToDaKo\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-12 17:52 ==================== Ende von FRST.txt ============================ |
| Themen zu Windows 7: Avira meldet Maleware |
| 'html/infected.webpage.gen2, .html, aktion, anzeige, avg, avira, browser-schutz, datei, daten, dnsapi.dll, ereignisse, gefunde, html/infected.webpage.gen, html/infected.webpage.gen2, maleware, malware, melde, meldet, programm, referrer, unerwünschtes, unerwünschtes programm, virus, windows, windows 7, zugriff |
Baum-Darstellung