|
Log-Analyse und Auswertung: Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
12.11.2015, 21:34 | #1 |
| Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführt Hallo, mein Avira meldete heute den Fund PUA/InstallMonetizer.Gen. Ich habe es in die Quarantäne gesteckt bzw. das Programm entfernt. Danach habe ich einen Scan mit MBAM durchgeführt und es wurde ebenfalls etwas gefunden. Danach habe ich noch 1. AdwCleaner 2. JRT ausgeführt. Es wurden anscheinend mehrere Sachen gefunden, die ich in die Quarantäne gesteckt habe. Ich kenn mich leider nicht sehr gut aus. Daher wäre ich über Hilfe dankbar, ob mein PC wieder "sauber" ist. Ich hoffe, dass ich unter dem richtigen Thema gepostet habe und bedanke mich schon mal! Hier die Logfiles: Code:
ATTFilter Antivirus Pro Erstellungsdatum der Reportdatei: Donnerstag, 12. November 2015 14:34 Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Tobias ******* Seriennummer : ******** Plattform : Windows 7 Professional Windowsversion : (Service Pack 1) [6.1.7601] Boot Modus : Normal gebootet Benutzername : SYSTEM Computername : NBTOBIAS1 Versionsinformationen: BUILD.DAT : 15.0.13.210 92152 Bytes 05.10.2015 15:51:00 AVSCAN.EXE : 15.0.13.202 1183208 Bytes 07.10.2015 14:20:25 AVSCANRC.DLL : 15.0.13.158 67688 Bytes 07.10.2015 14:20:25 LUKE.DLL : 15.0.13.190 69248 Bytes 07.10.2015 14:20:43 AVSCPLR.DLL : 15.0.13.202 106352 Bytes 07.10.2015 14:20:25 REPAIR.DLL : 15.0.13.193 517328 Bytes 07.10.2015 14:20:25 REPAIR.RDF : 1.0.11.94 1238077 Bytes 12.11.2015 11:24:32 AVREG.DLL : 15.0.13.193 339632 Bytes 07.10.2015 14:20:24 AVLODE.DLL : 15.0.13.193 633688 Bytes 07.10.2015 14:20:23 AVLODE.RDF : 14.0.5.6 84211 Bytes 31.08.2015 06:42:56 XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 16:46:52 XBV00209.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:41 XBV00210.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:41 XBV00211.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:41 XBV00212.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:42 XBV00213.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:42 XBV00214.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:42 XBV00215.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:42 XBV00216.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:42 XBV00217.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:42 XBV00218.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:42 XBV00219.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:42 XBV00220.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:43 XBV00221.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:43 XBV00222.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:44 XBV00223.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:44 XBV00224.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:44 XBV00225.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:44 XBV00226.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:44 XBV00227.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:44 XBV00228.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:44 XBV00229.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:45 XBV00230.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:45 XBV00231.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:45 XBV00232.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:45 XBV00233.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:45 XBV00234.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:45 XBV00235.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:45 XBV00236.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:46 XBV00237.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:46 XBV00238.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:46 XBV00239.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:46 XBV00240.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:46 XBV00241.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:46 XBV00242.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:46 XBV00243.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:47 XBV00244.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:47 XBV00245.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:47 XBV00246.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:47 XBV00247.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:47 XBV00248.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:47 XBV00249.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:47 XBV00250.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:48 XBV00251.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:48 XBV00252.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:48 XBV00253.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:48 XBV00254.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:48 XBV00255.VDF : 8.12.21.126 2048 Bytes 27.10.2015 19:25:48 XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 16:17:42 XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 16:53:37 XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 11:40:33 XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 14:28:54 XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 05:59:39 XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 16:24:11 XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 12:57:58 XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 13:35:43 XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 16:46:51 XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 13:09:36 XBV00010.VDF : 8.11.178.32 1581056 Bytes 14.10.2014 15:58:33 XBV00011.VDF : 8.11.184.50 2178560 Bytes 11.11.2014 15:58:16 XBV00012.VDF : 8.11.190.32 1876992 Bytes 03.12.2014 16:23:14 XBV00013.VDF : 8.11.201.28 2973696 Bytes 14.01.2015 12:19:36 XBV00014.VDF : 8.11.206.252 2695680 Bytes 04.02.2015 12:45:01 XBV00015.VDF : 8.11.213.84 3175936 Bytes 03.03.2015 18:11:18 XBV00016.VDF : 8.11.213.176 212480 Bytes 05.03.2015 19:53:03 XBV00017.VDF : 8.11.219.166 2033664 Bytes 25.03.2015 11:31:54 XBV00018.VDF : 8.11.225.88 2367488 Bytes 22.04.2015 19:05:09 XBV00019.VDF : 8.11.230.186 1674752 Bytes 13.05.2015 10:35:38 XBV00020.VDF : 8.11.237.30 4711936 Bytes 02.06.2015 14:43:28 XBV00021.VDF : 8.11.243.12 2747904 Bytes 26.06.2015 20:50:14 XBV00022.VDF : 8.11.248.172 2350592 Bytes 17.07.2015 15:39:23 XBV00023.VDF : 8.11.254.112 2570752 Bytes 07.08.2015 08:26:23 XBV00024.VDF : 8.12.3.6 2196480 Bytes 27.08.2015 08:06:52 XBV00025.VDF : 8.12.8.238 1951232 Bytes 16.09.2015 12:01:33 XBV00026.VDF : 8.12.16.180 2211328 Bytes 07.10.2015 08:52:27 XBV00027.VDF : 8.12.21.126 2252288 Bytes 27.10.2015 19:25:14 XBV00042.VDF : 8.12.21.128 20992 Bytes 27.10.2015 08:11:25 XBV00043.VDF : 8.12.21.130 19456 Bytes 27.10.2015 08:11:25 XBV00044.VDF : 8.12.21.132 30208 Bytes 28.10.2015 08:11:25 XBV00045.VDF : 8.12.21.136 31744 Bytes 28.10.2015 08:11:25 XBV00046.VDF : 8.12.21.138 18432 Bytes 28.10.2015 11:47:19 XBV00047.VDF : 8.12.21.140 2048 Bytes 28.10.2015 11:47:19 XBV00048.VDF : 8.12.21.170 35328 Bytes 28.10.2015 11:47:19 XBV00049.VDF : 8.12.21.208 2048 Bytes 28.10.2015 19:08:36 XBV00050.VDF : 8.12.21.210 23040 Bytes 28.10.2015 19:08:37 XBV00051.VDF : 8.12.21.238 47616 Bytes 28.10.2015 19:08:38 XBV00052.VDF : 8.12.22.10 2048 Bytes 28.10.2015 19:08:39 XBV00053.VDF : 8.12.22.38 12288 Bytes 28.10.2015 19:08:39 XBV00054.VDF : 8.12.22.40 2048 Bytes 28.10.2015 19:08:39 XBV00055.VDF : 8.12.22.68 30720 Bytes 28.10.2015 07:39:22 XBV00056.VDF : 8.12.22.70 2048 Bytes 28.10.2015 07:39:22 XBV00057.VDF : 8.12.22.72 8704 Bytes 28.10.2015 07:39:22 XBV00058.VDF : 8.12.22.74 2560 Bytes 28.10.2015 07:39:22 XBV00059.VDF : 8.12.22.76 2048 Bytes 28.10.2015 07:39:22 XBV00060.VDF : 8.12.22.80 4608 Bytes 29.10.2015 19:05:13 XBV00061.VDF : 8.12.22.82 2048 Bytes 29.10.2015 19:05:13 XBV00062.VDF : 8.12.22.84 14848 Bytes 29.10.2015 19:05:13 XBV00063.VDF : 8.12.22.90 82432 Bytes 29.10.2015 21:05:07 XBV00064.VDF : 8.12.22.92 2048 Bytes 29.10.2015 21:05:07 XBV00065.VDF : 8.12.22.96 22528 Bytes 29.10.2015 16:54:54 XBV00066.VDF : 8.12.22.98 2048 Bytes 29.10.2015 16:54:54 XBV00067.VDF : 8.12.22.102 60928 Bytes 30.10.2015 16:54:54 XBV00068.VDF : 8.12.22.126 9216 Bytes 30.10.2015 16:54:54 XBV00069.VDF : 8.12.22.146 6656 Bytes 30.10.2015 16:54:54 XBV00070.VDF : 8.12.22.166 25088 Bytes 30.10.2015 16:54:54 XBV00071.VDF : 8.12.22.190 23552 Bytes 30.10.2015 16:54:54 XBV00072.VDF : 8.12.22.192 2048 Bytes 30.10.2015 16:54:54 XBV00073.VDF : 8.12.22.194 9216 Bytes 30.10.2015 15:41:05 XBV00074.VDF : 8.12.22.196 11264 Bytes 30.10.2015 15:41:05 XBV00075.VDF : 8.12.22.198 10752 Bytes 30.10.2015 15:41:05 XBV00076.VDF : 8.12.22.200 2048 Bytes 30.10.2015 15:41:05 XBV00077.VDF : 8.12.22.202 13824 Bytes 30.10.2015 15:41:06 XBV00078.VDF : 8.12.22.204 8704 Bytes 30.10.2015 15:41:06 XBV00079.VDF : 8.12.22.206 10240 Bytes 30.10.2015 15:41:06 XBV00080.VDF : 8.12.22.208 8192 Bytes 30.10.2015 15:41:06 XBV00081.VDF : 8.12.22.230 41472 Bytes 31.10.2015 15:41:06 XBV00082.VDF : 8.12.22.250 2048 Bytes 31.10.2015 15:41:06 XBV00083.VDF : 8.12.23.14 2048 Bytes 31.10.2015 15:41:06 XBV00084.VDF : 8.12.23.34 9728 Bytes 31.10.2015 15:41:06 XBV00085.VDF : 8.12.23.54 6144 Bytes 31.10.2015 15:41:07 XBV00086.VDF : 8.12.23.74 7168 Bytes 31.10.2015 15:41:07 XBV00087.VDF : 8.12.23.76 5632 Bytes 31.10.2015 15:41:07 XBV00088.VDF : 8.12.23.78 41984 Bytes 01.11.2015 15:41:07 XBV00089.VDF : 8.12.23.80 2048 Bytes 01.11.2015 15:41:07 XBV00090.VDF : 8.12.23.102 16896 Bytes 01.11.2015 15:41:07 XBV00091.VDF : 8.12.23.156 94720 Bytes 01.11.2015 07:12:33 XBV00092.VDF : 8.12.23.176 41472 Bytes 02.11.2015 07:12:33 XBV00093.VDF : 8.12.23.212 8704 Bytes 02.11.2015 07:12:33 XBV00094.VDF : 8.12.23.230 5632 Bytes 02.11.2015 09:12:38 XBV00095.VDF : 8.12.23.248 8192 Bytes 02.11.2015 17:19:40 XBV00096.VDF : 8.12.24.10 11264 Bytes 02.11.2015 17:19:40 XBV00097.VDF : 8.12.24.14 35328 Bytes 02.11.2015 17:19:40 XBV00098.VDF : 8.12.24.16 2048 Bytes 02.11.2015 17:19:40 XBV00099.VDF : 8.12.24.18 26624 Bytes 02.11.2015 10:43:09 XBV00100.VDF : 8.12.24.20 2048 Bytes 02.11.2015 10:43:09 XBV00101.VDF : 8.12.24.38 12288 Bytes 02.11.2015 10:43:09 XBV00102.VDF : 8.12.24.54 11264 Bytes 03.11.2015 10:43:09 XBV00103.VDF : 8.12.24.72 28672 Bytes 03.11.2015 10:43:09 XBV00104.VDF : 8.12.24.88 9216 Bytes 03.11.2015 15:55:09 XBV00105.VDF : 8.12.24.90 2048 Bytes 03.11.2015 15:55:09 XBV00106.VDF : 8.12.24.92 24576 Bytes 03.11.2015 15:55:09 XBV00107.VDF : 8.12.24.98 53248 Bytes 03.11.2015 06:48:06 XBV00108.VDF : 8.12.24.114 9728 Bytes 03.11.2015 06:48:06 XBV00109.VDF : 8.12.24.116 2048 Bytes 03.11.2015 06:48:06 XBV00110.VDF : 8.12.24.132 7680 Bytes 03.11.2015 06:48:06 XBV00111.VDF : 8.12.24.134 2048 Bytes 03.11.2015 06:48:06 XBV00112.VDF : 8.12.24.150 32768 Bytes 04.11.2015 06:48:06 XBV00113.VDF : 8.12.24.170 34816 Bytes 04.11.2015 08:47:56 XBV00114.VDF : 8.12.24.186 2048 Bytes 04.11.2015 08:47:56 XBV00115.VDF : 8.12.24.200 64512 Bytes 04.11.2015 11:09:30 XBV00116.VDF : 8.12.24.214 10240 Bytes 04.11.2015 16:08:19 XBV00117.VDF : 8.12.24.228 2048 Bytes 04.11.2015 16:08:20 XBV00118.VDF : 8.12.24.244 28672 Bytes 04.11.2015 18:08:24 XBV00119.VDF : 8.12.25.2 11776 Bytes 04.11.2015 07:49:21 XBV00120.VDF : 8.12.25.16 50688 Bytes 04.11.2015 07:49:21 XBV00121.VDF : 8.12.25.18 15360 Bytes 04.11.2015 07:49:21 XBV00122.VDF : 8.12.25.20 9216 Bytes 04.11.2015 07:49:21 XBV00123.VDF : 8.12.25.34 8704 Bytes 04.11.2015 07:49:21 XBV00124.VDF : 8.12.25.36 2048 Bytes 04.11.2015 07:49:21 XBV00125.VDF : 8.12.25.48 4096 Bytes 04.11.2015 07:49:21 XBV00126.VDF : 8.12.25.62 46080 Bytes 05.11.2015 07:49:21 XBV00127.VDF : 8.12.25.74 16896 Bytes 05.11.2015 15:00:04 XBV00128.VDF : 8.12.25.76 14336 Bytes 05.11.2015 15:00:04 XBV00129.VDF : 8.12.25.78 20992 Bytes 05.11.2015 15:00:04 XBV00130.VDF : 8.12.25.82 34816 Bytes 05.11.2015 16:59:58 XBV00131.VDF : 8.12.25.94 10752 Bytes 05.11.2015 21:33:01 XBV00132.VDF : 8.12.25.106 15872 Bytes 05.11.2015 21:33:01 XBV00133.VDF : 8.12.25.118 2048 Bytes 05.11.2015 21:33:01 XBV00134.VDF : 8.12.25.130 2048 Bytes 05.11.2015 21:33:01 XBV00135.VDF : 8.12.25.142 32768 Bytes 05.11.2015 23:32:46 XBV00136.VDF : 8.12.25.154 16384 Bytes 05.11.2015 23:32:46 XBV00137.VDF : 8.12.25.156 2048 Bytes 05.11.2015 23:32:46 XBV00138.VDF : 8.12.25.158 12288 Bytes 05.11.2015 09:49:13 XBV00139.VDF : 8.12.25.160 6656 Bytes 06.11.2015 09:49:13 XBV00140.VDF : 8.12.25.166 30208 Bytes 06.11.2015 09:49:13 XBV00141.VDF : 8.12.25.168 2048 Bytes 06.11.2015 09:49:13 XBV00142.VDF : 8.12.25.180 15872 Bytes 06.11.2015 21:44:13 XBV00143.VDF : 8.12.25.190 7168 Bytes 06.11.2015 21:44:13 XBV00144.VDF : 8.12.25.192 15360 Bytes 06.11.2015 21:44:13 XBV00145.VDF : 8.12.25.202 6144 Bytes 06.11.2015 21:44:13 XBV00146.VDF : 8.12.25.214 55296 Bytes 06.11.2015 21:44:13 XBV00147.VDF : 8.12.25.216 2048 Bytes 06.11.2015 21:44:13 XBV00148.VDF : 8.12.25.226 7168 Bytes 06.11.2015 07:28:42 XBV00149.VDF : 8.12.25.236 3072 Bytes 06.11.2015 07:28:42 XBV00150.VDF : 8.12.25.246 2048 Bytes 06.11.2015 07:28:42 XBV00151.VDF : 8.12.26.0 19456 Bytes 06.11.2015 07:28:42 XBV00152.VDF : 8.12.26.10 2048 Bytes 06.11.2015 07:28:42 XBV00153.VDF : 8.12.26.12 2048 Bytes 06.11.2015 07:28:42 XBV00154.VDF : 8.12.26.24 40960 Bytes 07.11.2015 10:57:13 XBV00155.VDF : 8.12.26.34 4608 Bytes 07.11.2015 10:57:14 XBV00156.VDF : 8.12.26.42 6144 Bytes 07.11.2015 07:58:46 XBV00157.VDF : 8.12.26.50 10752 Bytes 07.11.2015 07:58:46 XBV00158.VDF : 8.12.26.58 7680 Bytes 07.11.2015 07:58:46 XBV00159.VDF : 8.12.26.60 57856 Bytes 08.11.2015 09:58:24 XBV00160.VDF : 8.12.26.68 2048 Bytes 08.11.2015 09:58:24 XBV00161.VDF : 8.12.26.78 27648 Bytes 08.11.2015 18:58:24 XBV00162.VDF : 8.12.26.86 2048 Bytes 08.11.2015 18:58:24 XBV00163.VDF : 8.12.26.94 45056 Bytes 09.11.2015 14:33:58 XBV00164.VDF : 8.12.26.102 6656 Bytes 09.11.2015 14:33:58 XBV00165.VDF : 8.12.26.110 11776 Bytes 09.11.2015 14:33:58 XBV00166.VDF : 8.12.26.112 2048 Bytes 09.11.2015 14:33:58 XBV00167.VDF : 8.12.26.118 6656 Bytes 09.11.2015 14:33:58 XBV00168.VDF : 8.12.26.124 23552 Bytes 09.11.2015 14:33:58 XBV00169.VDF : 8.12.26.130 4096 Bytes 09.11.2015 14:33:58 XBV00170.VDF : 8.12.26.136 17408 Bytes 09.11.2015 21:29:22 XBV00171.VDF : 8.12.26.138 20480 Bytes 09.11.2015 21:29:22 XBV00172.VDF : 8.12.26.154 21504 Bytes 09.11.2015 21:29:22 XBV00173.VDF : 8.12.26.156 9728 Bytes 09.11.2015 21:29:22 XBV00174.VDF : 8.12.26.158 4608 Bytes 09.11.2015 11:17:31 XBV00175.VDF : 8.12.26.160 6144 Bytes 09.11.2015 11:17:31 XBV00176.VDF : 8.12.26.162 7680 Bytes 09.11.2015 11:17:31 XBV00177.VDF : 8.12.26.166 22016 Bytes 10.11.2015 11:17:31 XBV00178.VDF : 8.12.26.172 10752 Bytes 10.11.2015 11:17:31 XBV00179.VDF : 8.12.26.178 6656 Bytes 10.11.2015 11:17:31 XBV00180.VDF : 8.12.26.184 5120 Bytes 10.11.2015 11:17:31 XBV00181.VDF : 8.12.26.190 7680 Bytes 10.11.2015 11:17:31 XBV00182.VDF : 8.12.26.192 2048 Bytes 10.11.2015 11:17:31 XBV00183.VDF : 8.12.26.194 5632 Bytes 10.11.2015 11:17:31 XBV00184.VDF : 8.12.26.196 24064 Bytes 10.11.2015 11:17:32 XBV00185.VDF : 8.12.26.198 8192 Bytes 10.11.2015 11:17:32 XBV00186.VDF : 8.12.26.200 8704 Bytes 10.11.2015 11:17:32 XBV00187.VDF : 8.12.26.202 2048 Bytes 10.11.2015 11:17:32 XBV00188.VDF : 8.12.26.204 2048 Bytes 10.11.2015 11:17:32 XBV00189.VDF : 8.12.26.206 7168 Bytes 10.11.2015 11:17:32 XBV00190.VDF : 8.12.26.208 2048 Bytes 10.11.2015 11:17:32 XBV00191.VDF : 8.12.26.210 17920 Bytes 10.11.2015 11:17:32 XBV00192.VDF : 8.12.26.218 21504 Bytes 11.11.2015 11:17:32 XBV00193.VDF : 8.12.26.222 11776 Bytes 11.11.2015 15:55:07 XBV00194.VDF : 8.12.26.226 7168 Bytes 11.11.2015 19:55:03 XBV00195.VDF : 8.12.26.230 2048 Bytes 11.11.2015 19:55:03 XBV00196.VDF : 8.12.26.236 15872 Bytes 11.11.2015 19:55:03 XBV00197.VDF : 8.12.26.240 13312 Bytes 11.11.2015 19:55:03 XBV00198.VDF : 8.12.26.242 5120 Bytes 11.11.2015 21:55:05 XBV00199.VDF : 8.12.26.244 10240 Bytes 11.11.2015 21:55:05 XBV00200.VDF : 8.12.26.246 8704 Bytes 11.11.2015 11:24:27 XBV00201.VDF : 8.12.26.248 9728 Bytes 11.11.2015 11:24:27 XBV00202.VDF : 8.12.26.250 8704 Bytes 11.11.2015 11:24:27 XBV00203.VDF : 8.12.26.254 20992 Bytes 12.11.2015 11:24:28 XBV00204.VDF : 8.12.27.2 6144 Bytes 12.11.2015 11:24:28 XBV00205.VDF : 8.12.27.6 4608 Bytes 12.11.2015 11:24:28 XBV00206.VDF : 8.12.27.16 11264 Bytes 12.11.2015 11:24:28 XBV00207.VDF : 8.12.27.26 2048 Bytes 12.11.2015 11:24:28 XBV00208.VDF : 8.12.27.36 27136 Bytes 12.11.2015 11:24:28 LOCAL000.VDF : 8.12.27.36 144164864 Bytes 12.11.2015 11:25:27 Engineversion : 8.3.34.64 AEBB.DLL : 8.1.2.0 60448 Bytes 07.08.2014 16:46:45 AECORE.DLL : 8.3.8.0 249920 Bytes 29.08.2015 08:06:13 AEDROID.DLL : 8.4.3.348 1800104 Bytes 06.11.2015 21:44:13 AEEMU.DLL : 8.1.3.4 399264 Bytes 07.08.2014 16:46:45 AEEXP.DLL : 8.4.2.130 273264 Bytes 06.11.2015 21:44:12 AEGEN.DLL : 8.1.8.0 479288 Bytes 06.11.2015 21:44:08 AEHELP.DLL : 8.3.2.2 281456 Bytes 01.07.2015 20:50:09 AEHEUR.DLL : 8.1.4.2024 8806464 Bytes 06.11.2015 21:44:11 AEMOBILE.DLL : 8.1.8.8 300968 Bytes 06.11.2015 21:44:13 AEOFFICE.DLL : 8.3.1.56 408432 Bytes 19.10.2015 14:32:32 AEPACK.DLL : 8.4.1.18 802880 Bytes 27.10.2015 15:25:02 AERDL.DLL : 8.2.1.38 813928 Bytes 06.11.2015 21:44:11 AESBX.DLL : 8.2.21.2 1629032 Bytes 06.11.2015 21:44:12 AESCN.DLL : 8.3.3.2 141216 Bytes 26.08.2015 18:36:38 AESCRIPT.DLL : 8.2.4.8 539776 Bytes 06.11.2015 21:44:11 AEVDF.DLL : 8.3.2.2 141216 Bytes 26.08.2015 18:36:38 AVWINLL.DLL : 15.0.13.158 29600 Bytes 07.10.2015 14:20:19 AVPREF.DLL : 15.0.13.158 55864 Bytes 07.10.2015 14:20:24 AVREP.DLL : 15.0.13.158 225320 Bytes 07.10.2015 14:20:24 AVARKT.DLL : 15.0.13.158 232000 Bytes 07.10.2015 14:20:20 AVEVTLOG.DLL : 15.0.13.190 202112 Bytes 07.10.2015 14:20:21 SQLITE3.DLL : 15.0.13.158 461672 Bytes 07.10.2015 14:20:46 AVSMTP.DLL : 15.0.13.158 82120 Bytes 07.10.2015 14:20:26 NETNT.DLL : 15.0.13.158 18792 Bytes 07.10.2015 14:20:44 CommonImageRc.dll: 15.0.13.190 4308216 Bytes 07.10.2015 14:20:19 CommonTextRc.dll: 15.0.13.158 70784 Bytes 07.10.2015 14:20:19 Konfiguration für den aktuellen Suchlauf: Job Name..............................: AVGuardAsyncScan Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_56446b82\guard_slideup.avp Protokollierung.......................: standard Primäre Aktion........................: Reparieren Sekundäre Aktion......................: Quarantäne Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: aus Durchsuche aktive Programme...........: ein Durchsuche Registrierung..............: aus Suche nach Rootkits...................: aus Integritätsprüfung von Systemdateien..: aus Prüfe alle Dateien....................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: Vollständig Beginn des Suchlaufs: Donnerstag, 12. November 2015 14:34 Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'HPFSService.exe' - '25' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '100' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '127' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '167' Modul(e) wurden durchsucht Durchsuche Prozess 'STacSV64.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'TrustedInstaller.exe' - '75' Modul(e) wurden durchsucht Durchsuche Prozess 'Hpservice.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'vcsFPService.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '92' Modul(e) wurden durchsucht Durchsuche Prozess 'WLANExt.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht Durchsuche Prozess 'spoolsv.exe' - '104' Modul(e) wurden durchsucht Durchsuche Prozess 'DpHostW.exe' - '161' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '85' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'AESTSr64.exe' - '8' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '129' Modul(e) wurden durchsucht Durchsuche Prozess 'AppleMobileDeviceService.exe' - '67' Modul(e) wurden durchsucht Durchsuche Prozess 'mDNSResponder.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'HPDrvMntSvc.exe' - '23' Modul(e) wurden durchsucht Durchsuche Prozess 'HpHotkeyMonitor.exe' - '56' Modul(e) wurden durchsucht Durchsuche Prozess 'jhi_service.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'MfeEpeHost.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'mitsijm.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'NitroPDFReaderDriverService3x64.exe' - '19' Modul(e) wurden durchsucht Durchsuche Prozess 'pdisrvc.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'rfx-server.exe' - '91' Modul(e) wurden durchsucht Durchsuche Prozess 'sftvsa.exe' - '32' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht Durchsuche Prozess 'TuneUpUtilitiesService64.exe' - '64' Modul(e) wurden durchsucht Durchsuche Prozess 'uArcCapture.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'WLIDSVC.EXE' - '76' Modul(e) wurden durchsucht Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'unsecapp.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'sftlist.exe' - '87' Modul(e) wurden durchsucht Durchsuche Prozess 'CVHSVC.EXE' - '68' Modul(e) wurden durchsucht Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht Durchsuche Prozess 'avmailc7.exe' - '55' Modul(e) wurden durchsucht Durchsuche Prozess 'avwebg7.exe' - '57' Modul(e) wurden durchsucht Durchsuche Prozess 'hpqWmiEx.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchIndexer.exe' - '63' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '74' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'atieclxx.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'taskhost.exe' - '69' Modul(e) wurden durchsucht Durchsuche Prozess 'TuneUpUtilitiesApp64.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'Dwm.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'Explorer.EXE' - '216' Modul(e) wurden durchsucht Durchsuche Prozess 'igfxtray.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'hkcmd.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'igfxpers.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'sttray64.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'SynTPEnh.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'owncloud.exe' - '94' Modul(e) wurden durchsucht Durchsuche Prozess 'OneDrive.exe' - '120' Modul(e) wurden durchsucht Durchsuche Prozess 'SYNTPHELPER.EXE' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'netsession_win.exe' - '48' Modul(e) wurden durchsucht Durchsuche Prozess 'Dropbox.exe' - '127' Modul(e) wurden durchsucht Durchsuche Prozess 'ONENOTEM.EXE' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'GWX.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'netsession_win.exe' - '74' Modul(e) wurden durchsucht Durchsuche Prozess 'nusb3mon.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorIcon.exe' - '56' Modul(e) wurden durchsucht Durchsuche Prozess 'TUAutoReactivator64.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'razerhid.exe' - '42' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '114' Modul(e) wurden durchsucht Durchsuche Prozess 'Monitor.exe' - '64' Modul(e) wurden durchsucht Durchsuche Prozess 'QLBController.exe' - '110' Modul(e) wurden durchsucht Durchsuche Prozess 'CNMNSST.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'razerofa.exe' - '21' Modul(e) wurden durchsucht Durchsuche Prozess 'wmpnetwk.exe' - '126' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht Durchsuche Prozess 'hpsa_service.exe' - '74' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'LMS.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht Durchsuche Prozess 'DllHost.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'UNS.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'TUAutoReactivator64.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'cvpnd.exe' - '73' Modul(e) wurden durchsucht Durchsuche Prozess 'vpngui.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'TUAutoReactivator64.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'firefox.exe' - '174' Modul(e) wurden durchsucht Durchsuche Prozess 'iexplore.exe' - '115' Modul(e) wurden durchsucht Durchsuche Prozess 'IEXPLORE.EXE' - '152' Modul(e) wurden durchsucht Durchsuche Prozess 'TUAutoReactivator64.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'AcroRd32.exe' - '96' Modul(e) wurden durchsucht Durchsuche Prozess 'RdrCEF.exe' - '72' Modul(e) wurden durchsucht Durchsuche Prozess 'RdrCEF.exe' - '56' Modul(e) wurden durchsucht Durchsuche Prozess 'splwow64.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'pdf24-Creator.exe' - '81' Modul(e) wurden durchsucht Durchsuche Prozess 'pdf24.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'MpCmdRun.exe' - '43' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '118' Modul(e) wurden durchsucht Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'winlogon.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'lsass.exe' - '81' Modul(e) wurden durchsucht Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\Users\tobias\Downloads\Google_Books_25Downloader.exe' C:\Users\tobias\Downloads\Google_Books_25Downloader.exe [0] Archivtyp: NSIS --> ProgramFilesDir/[PluginsDir]/nsHTML5.dll [FUND] Enthält Muster der Software PUA/InstallMonetizer.Gen [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden [HINWEIS] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden! [HINWEIS] Die Datei existiert nicht! Ende des Suchlaufs: Donnerstag, 12. November 2015 14:37 Benötigte Zeit: 03:07 Minute(n) Der Suchlauf wurde vollständig durchgeführt. 0 Verzeichnisse wurden überprüft 2787 Dateien wurden geprüft 1 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 0 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 2786 Dateien ohne Befall 7 Archive wurden durchsucht 1 Warnungen 1 Hinweise Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 12.11.2015 Suchlaufzeit: 17:41 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.11.12.04 Rootkit-Datenbank: v2015.11.04.02 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: tobias Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 406016 Abgelaufene Zeit: 27 Min., 43 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 6 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXE, In Quarantäne, [fe269ce18209af87d0c19a1fd82bec14], RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MONITOR.EXE, In Quarantäne, [f3319fde6b20f244936a8931c93a7e82], PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, In Quarantäne, [b66e1469bad153e31f6aaacc887bc13f], RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXE, In Quarantäne, [a2824934cfbc63d3deb3d3e60af9be42], RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MONITOR.EXE, In Quarantäne, [dd477607a6e5a690c83504b6748fd52b], PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, In Quarantäne, [ed377607810aef47f990e78f60a39967], Registrierungswerte: 6 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXE|Debugger, "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe", In Quarantäne, [fe269ce18209af87d0c19a1fd82bec14] RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MONITOR.EXE|Debugger, "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe", In Quarantäne, [f3319fde6b20f244936a8931c93a7e82] PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|Debugger, "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe", In Quarantäne, [b66e1469bad153e31f6aaacc887bc13f] RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXE|Debugger, "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe", In Quarantäne, [a2824934cfbc63d3deb3d3e60af9be42] RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MONITOR.EXE|Debugger, "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe", In Quarantäne, [dd477607a6e5a690c83504b6748fd52b] PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|Debugger, "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe", In Quarantäne, [ed377607810aef47f990e78f60a39967] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 1 PUP.Optional.ASK.Gen, C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\askcom.xml, In Quarantäne, [a87c4934dab137ffd4728feb1be92bd5], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.019 - Bericht erstellt am 12/11/2015 um 18:38:32 # Aktualisiert am 08/11/2015 von Xplode # Datenbank : 2015-11-08.2 [Lokal] # Betriebssystem : Windows 7 Professional Service Pack 1 (x64) # Benutzername : tobias - NBTOBIAS1 # Gestartet von : C:\Users\tobias\Desktop\AdwCleaner_5.019.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\Tobit [-] Ordner Gelöscht : C:\Users\tobias\AppData\Roaming\Tobit ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Users\tobias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk [-] Datei Gelöscht : C:\Users\tobias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Startfenster.lnk [-] Datei Gelöscht : C:\Users\tobias\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk [-] Datei Gelöscht : C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi [-] Datei Gelöscht : C:\Users\tobias\Favorites\Startfenster.lnk [-] Datei Gelöscht : C:\Users\tobias\Favorites\Startfenster.lnk [-] Datei Gelöscht : C:\Users\tobias\Favorites\Links\Startfenster.lnk [-] Datei Gelöscht : C:\Users\tobias\Favorites\Links\Startfenster.lnk ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKCU\Software\Softonic [-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EAEBDFAA-511F-4484-9EC4-4C0169585619} [-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} ***** [ Internetbrowser ] ***** [-] [C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com"); [-] [C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxps://www.ixquick.com/"); ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3916 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.2 (09.14.2015:1) OS: Windows 7 Professional x64 Ran by tobias on 12.11.2015 at 19:05:09,69 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Successfully deleted: [Task] C:\windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2012 ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\TuneUp Undelete Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\TuneUp Disk Space Explorer Shell Extension Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} ~~~ Files Successfully deleted: [File] C:\windows\SysWOW64\sho2397.tmp Successfully deleted: [File] C:\windows\SysWOW64\sho479A.tmp Successfully deleted: [File] C:\windows\SysWOW64\sho751.tmp Successfully deleted: [File] C:\windows\SysWOW64\shoA9A.tmp ~~~ Folders Successfully deleted: [Folder] C:\Users\tobias\AppData\Roaming\pdfforge ~~~ FireFox Successfully deleted: [File] C:\Users\tobias\AppData\Roaming\mozilla\firefox\profiles\lb2llahf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi Emptied folder: C:\Users\tobias\AppData\Roaming\mozilla\firefox\profiles\lb2llahf.default\minidumps [1308 files] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 12.11.2015 at 19:09:19,71 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Geändert von Micro92 (12.11.2015 um 21:53 Uhr) |
13.11.2015, 07:37 | #2 |
/// the machine /// TB-Ausbilder | Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführt hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
13.11.2015, 08:16 | #3 |
| Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführtCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 durchgeführt von tobias (Administrator) auf NBTOBIAS1 (13-11-2015 08:12:28) Gestartet von C:\Users\tobias\Desktop Geladene Profile: tobias (Verfügbare Profile: tobias) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (AMD) C:\Windows\System32\atieclxx.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Tobit.Software) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe () C:\Program Files (x86)\ownCloud\owncloud.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dropbox, Inc.) C:\Users\tobias\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Akamai Technologies, Inc.) C:\Users\tobias\AppData\Local\Akamai\netsession_win.exe (Dropbox, Inc.) C:\Users\tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Akamai Technologies, Inc.) C:\Users\tobias\AppData\Local\Akamai\netsession_win.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Razer Inc.) C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-03-01] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated) HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-14] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation) HKLM-x32\...\Run: [HP HD Webcam [Fixed]_Monitor] => C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [267128 2010-11-26] () HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-23] (Apple Inc.) HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2006-11-29] (Ulead Systems, Inc.) HKLM-x32\...\Run: [Diamondback] => C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [228352 2010-04-28] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-10-07] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-07-30] (Autodesk Inc.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X] HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [rfxsrvtray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe" (Der Dateneintrag hat 65 mehr Zeichen). HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] () HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Dropbox Update] => C:\Users\tobias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Akamai NetSession Interface] => C:\Users\tobias\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: G - G:\AutoRun.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {16a9969e-13a0-11e2-b290-e4115b3ba111} - G:\AutoRun.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {610c28cf-6508-11e4-a45f-e4115b3ba111} - I:\DTVP_Launcher.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {afccd57f-2c98-11e5-8394-e4115b3ba111} - I:\AutoRun.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {afccd58f-2c98-11e5-8394-e4115b3ba111} - I:\AutoRun.exe HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\aclauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\activate_matlab.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\AdAppMgr.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\AdSync.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\agatha christie - peril at end house-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\bejeweled2-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\blasterball3-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\bounce-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\buildalot5-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\cake mania-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\cd_label.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\chuzzle deluxe-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\deactivate_matlab.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\diner dash 2 restaurant rescue-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\drivegreen1-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\farm frenzy-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\fate-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\gameconsole-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\hppa_main.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\iedit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\iedit_.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\insaniquarium-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\ipsecdialer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\jewelquest2-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\jqsolitaire-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\matlab.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\mediaimpression.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\netviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\netviewerk6.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\onplay.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\pdfvista.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\penguins-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\plants vs. zombies-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\polar-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\provider.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\scrconfig.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\scrsetup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\setmtu.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\slideshowplayer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\slingo-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\smkonv.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\softpaqdownloadmanager.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\startstarmoney.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\tmextreme.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\tmshowbiz.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\tunngle.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\udtstart.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\uninstalltool.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\utmstudioframe.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\uwebcam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\virtual villagers - the secret city-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\vpngui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\wedding dash-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\zuma-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2012-03-14] ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () Startup: C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-11] ShortcutTarget: Dropbox.lnk -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-11-11] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{3B4033D6-F242-4ABB-AFF2-4D1ABD9D54B7}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-3842400618-988267013-911341351-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10 SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3842400618-988267013-911341351-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3842400618-988267013-911341351-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-25] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-08-01] (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-25] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-08-01] (Microsoft Corporation.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.) FireFox: ======== FF ProfilePath: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default FF Keyword.URL: FF NetworkProxy: "http", "81.169.187.212" FF NetworkProxy: "http_port", 8000 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\google-images.xml [2014-12-14] FF SearchPlugin: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\google-maps.xml [2014-12-14] FF SearchPlugin: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\ixquick-ssl.xml [2014-01-16] FF Extension: Avira Browser Safety - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\abs@avira.com [2015-05-13] [ist nicht signiert] FF Extension: Zotero - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\zotero@chnm.gmu.edu.xpi [2015-02-25] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF Extension: DownThemAll! - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-02-05] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-01-27] [ist nicht signiert] FF HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\extensions\cliqz@cliqz.com => nicht gefunden ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1129864 2015-07-30] (Autodesk Inc.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-10-07] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-10-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-10-07] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert] S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert] R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.) S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company) S4 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company) R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [Datei ist nicht signiert] R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [Datei ist nicht signiert] R2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-11] (Autodesk, Inc.) R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software) S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-11] (PDF Complete Inc) R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-03-01] (IDT, Inc.) [Datei ist nicht signiert] S4 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) S4 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software) S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [Datei ist nicht signiert] R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-07] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-25] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-07] (Avira Operations GmbH & Co. KG) S3 bthathfax; C:\Windows\System32\DRIVERS\bthathfax.sys [75424 2011-01-06] (Microsoft Corporation) S3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] () S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-05-10] (Hewlett-Packard Company) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-28] (hxxp://libusb-win32.sourceforge.net) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.) R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.) R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd) S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2612728 2011-02-12] (Sunplus Technology) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-02-09] (TuneUp Software) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.) S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X] S4 RTWTKRNL; \??\C:\windows\system32\drivers\rtwtkrnl.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-13 08:12 - 2015-11-13 08:13 - 00040309 _____ C:\Users\tobias\Desktop\FRST.txt 2015-11-13 08:11 - 2015-11-13 08:11 - 00000000 ___HD C:\OneDriveTemp 2015-11-13 03:20 - 2015-11-13 08:12 - 00001078 _____ C:\windows\system32dbgraw.bmp 2015-11-12 19:26 - 2015-11-12 19:26 - 00000000 ____D C:\Program Files (x86)\ESET 2015-11-12 19:23 - 2015-11-13 08:12 - 00000000 ____D C:\FRST 2015-11-12 19:02 - 2015-11-12 19:02 - 02870984 _____ (ESET) C:\Users\tobias\Desktop\esetsmartinstaller_deu.exe 2015-11-12 18:53 - 2015-11-12 18:53 - 02198528 _____ (Farbar) C:\Users\tobias\Desktop\FRST64.exe 2015-11-12 18:31 - 2015-11-12 18:38 - 00000000 ____D C:\AdwCleaner 2015-11-12 17:34 - 2015-11-12 18:24 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-12 17:32 - 2015-11-12 19:26 - 00000000 ____D C:\Users\tobias\Desktop\ReportsVirenScan 2015-11-12 16:56 - 2015-11-12 16:56 - 00001062 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-12 16:56 - 2015-11-12 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-12 16:56 - 2015-11-12 16:56 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-12 16:56 - 2015-11-12 16:56 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-12 16:56 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2015-11-12 16:56 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-11-12 16:56 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2015-11-12 16:49 - 2015-11-12 16:49 - 01798976 _____ (Malwarebytes) C:\Users\tobias\Desktop\JRT.exe 2015-11-12 16:31 - 2015-11-12 16:31 - 01712128 _____ C:\Users\tobias\Desktop\AdwCleaner_5.019.exe 2015-11-12 15:19 - 2013-07-25 22:27 - 659873394 _____ C:\Users\tobias\Downloads\Lie_to_Me_11.08.03_21-15_vox_55_TVOON_DE.mpg.HQ.avi.otrkey 2015-11-12 13:56 - 2015-11-12 13:57 - 00000000 ____D C:\Users\tobias\Downloads\Literatur TVT Tim 2015-11-12 11:08 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-11-11 19:43 - 2015-11-11 19:43 - 00002282 _____ C:\Users\tobias\AppData\Local\recently-used.xbel 2015-11-11 16:51 - 2015-11-11 16:51 - 00000000 ____D C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-11 12:46 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-11-11 12:46 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-11-11 12:46 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-11-11 12:46 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-11-11 12:46 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-11-11 12:46 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2015-11-11 12:45 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-11-11 12:45 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-11-11 12:45 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-11-11 12:45 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-11-11 12:45 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-11-11 12:45 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-11-11 12:45 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-11-11 12:45 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-11-11 12:45 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-11-11 12:45 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-11-11 12:45 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-11-11 12:45 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-11-11 12:45 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-11-11 12:45 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-11-11 12:45 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-11-11 12:45 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-11-11 12:45 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-11-11 12:45 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-11-11 12:45 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-11-11 12:45 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-11-11 12:45 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-11-11 12:45 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-11-11 12:45 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-11-11 12:45 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-11-11 12:45 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-11-11 12:45 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-11-11 12:45 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-11-11 12:45 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-11-11 12:45 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-11-11 12:45 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-11-11 12:45 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-11-11 12:45 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2015-11-11 12:45 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-11-11 12:45 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-11-11 12:45 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-11-11 12:45 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-11-11 12:45 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-11-11 12:45 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-11-11 12:45 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-11-11 12:45 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-11-11 12:45 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2015-11-11 12:45 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-11-11 12:45 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-11-11 12:45 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-11-11 12:45 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-11-11 12:45 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-11-11 12:45 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-11 12:45 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-11-11 12:45 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-11-11 12:45 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-11-11 12:45 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-11-11 12:45 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-11-11 12:45 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2015-11-11 12:45 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-11-11 12:45 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2015-11-11 12:45 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-11-11 12:45 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-11-11 12:45 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-11-11 12:45 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-11-11 12:45 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-11-11 12:45 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-11-11 12:45 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-11-11 12:45 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-11-11 12:45 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-11-11 12:44 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-11-11 12:44 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-11-11 12:44 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-11-11 12:44 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-11-11 12:44 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-11-11 12:44 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-11-11 12:44 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-11-11 12:44 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-11-11 12:44 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-11-11 12:44 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-11-11 12:44 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-11-11 12:44 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-11-11 12:44 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-11-11 12:44 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-11-11 12:44 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-11-11 12:44 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2015-11-11 12:44 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-11 12:44 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-11-11 12:44 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll 2015-11-11 12:44 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll 2015-11-11 12:43 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-11-11 12:43 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-11-11 12:43 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-11-11 12:43 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-11-11 12:43 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-11 12:43 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys 2015-11-11 12:43 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys 2015-11-11 12:42 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll 2015-11-11 12:42 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll 2015-11-11 12:42 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe 2015-11-11 12:42 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll 2015-11-11 12:42 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll 2015-11-11 12:42 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll 2015-11-11 12:42 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe 2015-11-11 12:42 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys 2015-11-11 12:42 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll 2015-11-11 12:42 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll 2015-11-11 12:42 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll 2015-11-08 21:15 - 2015-11-08 21:15 - 00016751 _____ C:\Users\tobias\Downloads\The.100.S02E15.HDTV.x264-KILLERS.en.rar 2015-11-08 21:15 - 2015-11-08 21:15 - 00014062 _____ C:\Users\tobias\Downloads\The.100.S02E16.HDTV.x264-KILLERS.en.rar 2015-11-08 21:14 - 2015-11-08 21:14 - 00015594 _____ C:\Users\tobias\Downloads\The.100.S02E14.HDTV.x264-KILLERS.en.rar 2015-11-08 14:48 - 2015-11-08 14:48 - 00000000 ____D C:\Users\tobias\Downloads\Various artists 2015-11-08 14:45 - 2015-11-08 14:45 - 157505792 _____ C:\Users\tobias\Downloads\AmazonMusicDownload.zip 2015-11-08 10:24 - 2015-11-08 10:24 - 00012921 _____ C:\Users\tobias\Downloads\The.100.S02E13.HDTV.x264-KILLERS.en.rar 2015-11-08 09:19 - 2015-11-08 09:11 - 00018116 _____ C:\Users\tobias\Downloads\The.100.S02E12.720p.HDTV.X264-DIMENSION.en.rar 2015-11-04 09:53 - 2015-11-04 09:53 - 00000000 ____D C:\Users\tobias\AppData\Local\CEF 2015-11-04 09:50 - 2015-11-07 12:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-04 09:50 - 2015-11-04 09:50 - 00002007 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-11-04 09:50 - 2015-11-04 09:50 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-11-03 18:51 - 2015-11-03 18:51 - 00000833 _____ C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2015-11-03 18:51 - 2015-11-03 18:51 - 00000785 _____ C:\Users\tobias\Desktop\Start Tor Browser.lnk 2015-11-03 18:49 - 2015-11-08 08:59 - 00000000 ____D C:\Users\tobias\Desktop\Tor Browser 2015-11-03 18:47 - 2015-11-03 18:48 - 44189792 _____ C:\Users\tobias\Downloads\torbrowser-install-5.0.3_de.exe 2015-11-01 17:02 - 2015-11-08 09:09 - 00000073 _____ C:\Users\tobias\Desktop\Note_2015_11_01.txt 2015-10-27 16:45 - 2015-10-27 16:45 - 00000967 _____ C:\Users\Public\Desktop\ownCloud.lnk 2015-10-23 16:33 - 2015-05-06 05:58 - 00054157 _____ C:\Users\tobias\Downloads\Person.of.Interest.S04E22.720p.HDTV.X264-DIMENSION.en.srt 2015-10-21 17:03 - 2015-10-21 17:03 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-10-21 17:03 - 2015-10-21 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-10-21 17:02 - 2015-10-21 17:03 - 00000000 ____D C:\Program Files\iTunes 2015-10-21 17:02 - 2015-10-21 17:02 - 00000000 ____D C:\Program Files\iPod 2015-10-21 17:02 - 2015-10-21 17:02 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-10-21 16:56 - 2015-10-21 16:56 - 00000000 ____D C:\Program Files\Bonjour 2015-10-21 16:56 - 2015-10-21 16:56 - 00000000 ____D C:\Program Files (x86)\Bonjour 2015-10-21 16:55 - 2015-10-21 16:55 - 00000000 ____D C:\windows\System32\Tasks\Apple 2015-10-21 16:55 - 2015-10-21 16:55 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2015-10-19 08:30 - 2015-10-19 08:30 - 00001083 _____ C:\Users\Public\Desktop\Sync-my-L2P.lnk 2015-10-19 08:30 - 2015-10-19 08:30 - 00000000 ____D C:\Users\tobias\AppData\Local\Sync-my-L2P 2015-10-19 08:30 - 2015-10-19 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sync-my-L2P 2015-10-19 08:30 - 2015-10-19 08:30 - 00000000 ____D C:\Program Files (x86)\SyncMyL2P-2.1.1 2015-10-17 09:35 - 2015-11-07 16:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-16 13:51 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2015-10-16 13:51 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-10-16 13:51 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-10-14 09:31 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-10-14 09:31 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll 2015-10-14 09:31 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2015-10-14 09:31 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll 2015-10-14 09:26 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2015-10-14 09:26 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2015-10-14 09:26 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2015-10-14 09:26 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2015-10-14 09:26 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2015-10-14 09:26 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2015-10-14 09:26 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2015-10-14 09:26 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2015-10-14 09:26 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2015-10-14 09:25 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll 2015-10-14 09:25 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-13 08:11 - 2013-12-25 08:26 - 00000000 ___RD C:\Users\tobias\Documents\SkyDrive 2015-11-13 08:11 - 2012-03-13 22:23 - 00000000 ___RD C:\Users\tobias\Documents\Dropbox 2015-11-13 08:11 - 2012-03-13 22:22 - 00000000 ____D C:\Users\tobias\AppData\Roaming\Dropbox 2015-11-13 08:10 - 2015-02-06 15:05 - 00000000 ____D C:\Users\tobias\AppData\Local\ownCloud 2015-11-13 07:35 - 2015-06-16 21:22 - 00001228 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001UA.job 2015-11-13 07:27 - 2012-11-09 08:05 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-11-13 07:24 - 2012-03-14 00:00 - 01749106 _____ C:\windows\WindowsUpdate.log 2015-11-13 04:22 - 2015-02-15 11:26 - 00000000 ____D C:\windows\rescache 2015-11-13 03:29 - 2009-07-14 05:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-13 03:29 - 2009-07-14 05:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-13 03:20 - 2009-07-14 05:45 - 00552248 _____ C:\windows\system32\FNTCACHE.DAT 2015-11-13 03:19 - 2015-03-16 15:38 - 00041505 _____ C:\windows\setupact.log 2015-11-13 03:19 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-11-12 23:35 - 2015-06-16 21:22 - 00001176 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001Core.job 2015-11-12 18:48 - 2011-12-24 21:38 - 00705560 _____ C:\windows\system32\perfh007.dat 2015-11-12 18:48 - 2011-12-24 21:38 - 00151670 _____ C:\windows\system32\perfc007.dat 2015-11-12 18:48 - 2009-07-14 06:13 - 01631052 _____ C:\windows\system32\PerfStringBackup.INI 2015-11-12 18:42 - 2015-02-06 15:07 - 00000000 ____D C:\Users\tobias\Documents\ownCloud 2015-11-12 18:18 - 2015-04-07 19:32 - 00222710 _____ C:\windows\PFRO.log 2015-11-12 16:52 - 2012-03-16 10:24 - 00000000 ____D C:\Users\tobias\AppData\Roaming\vlc 2015-11-12 12:55 - 2012-03-13 15:46 - 00003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{FF903F77-4601-4548-B46C-66713F277F03} 2015-11-12 11:26 - 2013-08-08 14:56 - 00000000 ____D C:\windows\system32\MRT 2015-11-12 11:02 - 2012-03-14 19:27 - 145617392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-11-12 10:58 - 2013-01-12 12:43 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-12 10:40 - 2011-12-24 22:24 - 01609076 _____ C:\windows\SysWOW64\PerfStringBackup.INI 2015-11-12 10:27 - 2011-02-11 06:02 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-12 10:13 - 2015-08-05 19:23 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleFortobias.job 2015-11-11 21:47 - 2014-01-11 16:19 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0 apoEdition 2015-11-11 20:32 - 2015-08-05 19:23 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleFortobias 2015-11-11 20:31 - 2012-03-14 11:00 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log 2015-11-11 17:27 - 2012-11-09 08:05 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-11-11 17:27 - 2012-04-15 15:12 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-11-11 17:27 - 2012-03-16 13:01 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-08 09:00 - 2009-07-14 03:34 - 00000524 _____ C:\windows\win.ini 2015-11-08 08:47 - 2012-05-08 11:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-04 17:22 - 2012-03-17 10:43 - 00000000 ____D C:\Users\tobias\AppData\Local\CrashDumps 2015-11-04 09:53 - 2012-03-16 10:51 - 00000000 ____D C:\Users\tobias\AppData\Local\Adobe 2015-11-04 09:51 - 2014-12-25 15:30 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2015-11-04 09:50 - 2012-03-16 10:48 - 00000000 ____D C:\ProgramData\Adobe 2015-11-03 18:17 - 2012-11-10 10:59 - 00003704 _____ C:\windows\System32\Tasks\Java Update Scheduler 2015-10-27 16:45 - 2015-02-06 15:05 - 00000979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk 2015-10-27 16:45 - 2015-02-06 15:03 - 00000000 ____D C:\Program Files (x86)\ownCloud 2015-10-27 16:19 - 2014-04-08 11:29 - 00002180 _____ C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-10-25 11:11 - 2013-10-28 17:19 - 00000000 ____D C:\ProgramData\Oracle 2015-10-25 11:10 - 2015-10-13 16:32 - 00000000 ____D C:\Users\tobias\.oracle_jre_usage 2015-10-25 11:10 - 2013-10-28 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-25 11:09 - 2014-07-20 11:09 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-25 11:09 - 2013-12-18 22:30 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-25 10:59 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT 2015-10-24 14:32 - 2012-04-13 08:18 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForNBTOBIAS1$ 2015-10-24 14:32 - 2012-04-13 08:18 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForNBTOBIAS1$.job 2015-10-23 15:46 - 2014-12-21 16:04 - 00000000 ____D C:\Users\tobias\AppData\Roaming\Nitro PDF 2015-10-21 17:02 - 2012-03-13 22:32 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-21 16:55 - 2012-03-13 22:32 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-10-19 15:21 - 2013-02-24 15:56 - 00000000 ____D C:\Program Files (x86)\Sync-my-L2P 2015-10-17 09:20 - 2014-12-12 16:33 - 00000000 ____D C:\windows\system32\appraiser 2015-10-17 09:20 - 2014-05-07 08:58 - 00000000 ___SD C:\windows\system32\CompatTel 2015-10-14 15:20 - 2012-03-13 15:46 - 00000000 ___RD C:\Users\tobias\Virtual Machines ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-12-28 12:31 - 2013-12-28 12:31 - 5082084 _____ (The Public) C:\Users\tobias\AppData\Roaming\Avisynth.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 5243208 _____ ( ) C:\Users\tobias\AppData\Roaming\AvsP.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 4575156 _____ (ffdshow ) C:\Users\tobias\AppData\Roaming\ffdshow.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 5514668 _____ (LIGHTNING UK!) C:\Users\tobias\AppData\Roaming\Imgburn.exe 2011-02-24 00:10 - 2011-02-24 00:10 - 0020432 _____ (Intel Corporation) C:\Users\tobias\AppData\Roaming\JomCap.dll 2012-03-13 15:28 - 2012-03-13 15:30 - 0055948 _____ () C:\Users\tobias\AppData\Roaming\QWInstall.log 2013-12-28 12:31 - 2013-12-28 12:31 - 7760687 _____ (Boraxsoft) C:\Users\tobias\AppData\Roaming\SetupGFD.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 0642685 _____ (Xvid team ) C:\Users\tobias\AppData\Roaming\xvid.exe 2013-04-02 16:32 - 2014-01-25 14:49 - 0054784 _____ () C:\Users\tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-11 19:43 - 2015-11-11 19:43 - 0002282 _____ () C:\Users\tobias\AppData\Local\recently-used.xbel 2013-10-22 19:45 - 2013-10-22 19:45 - 0000017 _____ () C:\Users\tobias\AppData\Local\resmon.resmoncfg 2015-08-23 08:35 - 2015-08-23 08:35 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-09-19 08:17 - 2014-09-19 08:17 - 0000252 _____ () C:\ProgramData\FastPics.log 2012-03-26 09:15 - 2014-09-23 17:41 - 0000624 _____ () C:\ProgramData\lxdw.log 2014-09-18 15:09 - 2014-09-18 15:10 - 0000248 _____ () C:\ProgramData\lxdwDiagnostics.log 2013-06-28 11:10 - 2013-06-28 11:10 - 0002082 _____ () C:\ProgramData\regid.2002-12.it.k-sol,projectreader_ADBA5736-2070-4B17-8489-5EE61980C4CE.swidtag 2014-09-18 15:09 - 2014-09-18 15:09 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt Einige Dateien in TEMP: ==================== C:\Users\tobias\AppData\Local\Temp\avgnt.exe C:\Users\tobias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1bxpxs.dll C:\Users\tobias\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-11 20:46 ==================== Ende von FRST.txt ============================ |
13.11.2015, 08:17 | #4 |
| Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführtCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015 durchgeführt von tobias (2015-11-13 08:13:47) Gestartet von C:\Users\tobias\Desktop Windows 7 Professional Service Pack 1 (X64) (2012-03-13 14:13:39) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3842400618-988267013-911341351-500 - Administrator - Disabled) Gast (S-1-5-21-3842400618-988267013-911341351-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3842400618-988267013-911341351-1003 - Limited - Enabled) tobias (S-1-5-21-3842400618-988267013-911341351-1001 - Administrator - Enabled) => C:\Users\tobias ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) ABC Amber BlackBerry Converter (HKLM-x32\...\ABC Amber BlackBerry Converter) (Version: - ) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Akamai NetSession Interface (HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Akamai) (Version: - Akamai Technologies, Inc) AMD Catalyst Install Manager (HKLM\...\{7DB34D93-22BA-BE2B-6DB9-56D84E98C1DB}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft) ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft) Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5 - Arduino LLC) Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.2.3.1000 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.1 - Autodesk) Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk) Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.) Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk) Autodesk Inventor Content Center Libraries 2012 (Desktop Content) (HKLM\...\{B46DECD1-1664-4EF1-0000-22D71E81877C}) (Version: 16.0.16000.0000 - Autodesk, Inc.) Autodesk Inventor Content Center Libraries 2015 (Desktop Content) (HKLM\...\{B46DECD1-1964-4EF1-0000-22D71E81877C}) (Version: 19.0.15900.0000 - Autodesk) Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.) Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden Autodesk Inventor Fusion for Inventor 2012 Add-in (HKLM\...\Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul) (Version: 1.0.0.18 - Autodesk) Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul (Version: 1.0.0.18 - Autodesk) Hidden Autodesk Inventor Fusion for Inventor 2012 Zusatzmodul Language Pack (Version: 1.0.0.18 - Autodesk) Hidden Autodesk Inventor Professional 2015 - Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2015) (Version: 19.0.15900.0000 - Autodesk) Autodesk Inventor Professional 2015 (Version: 19.0.15900.0000 - Autodesk) Hidden Autodesk Inventor Professional 2015 Language Pack - Deutsch (German) (Version: 19.0.15900.0000 - Autodesk) Hidden Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk) Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.9.100 - Autodesk) Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 1.0.0 - Autodesk) Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.3.1 - Autodesk) Autodesk ReCap (Version: 1.3.3.1 - Autodesk) Hidden Autodesk Revit Interoperability for Inventor 2015 (HKLM\...\Autodesk Revit Interoperability for Inventor 2015) (Version: 15.0.166.0 - Autodesk) Autodesk Revit Interoperability for Inventor 2015 (Version: 15.0.166.0 - Autodesk) Hidden Autodesk Vault 2012 (Client) (HKLM-x32\...\Autodesk Vault 2012 (Client)) (Version: 16.0.56.200 - Autodesk, Inc.) Autodesk Vault 2012 (Client) (Version: 16.0.56.200 - Autodesk, Inc.) Hidden Autodesk Vault 2012 (Client) German Language Pack (Version: 16.0.56.200 - Autodesk, Inc.) Hidden Autodesk Vault Basic 2015 (Client) (HKLM\...\Autodesk Vault Basic 2015 (Client)) (Version: 19.0.49.0 - Autodesk) Autodesk Vault Basic 2015 (Client) (Version: 19.0.49.0 - Autodesk) Hidden Autodesk Vault Basic 2015 (Client) German Language Pack (Version: 19.0.49.0 - Autodesk) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG) bcWebCam (HKLM-x32\...\{2C2943D2-61CB-4F91-A3DA-A50FA1E93F54}) (Version: 2.3 - QS QualitySoft GmbH) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}) (Version: 7.0.826.0 - Microsoft Corporation) Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MG7100 series Benutzerregistrierung (HKLM-x32\...\Canon MG7100 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.) Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.) Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - ) Canon MP520 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series) (Version: - ) Canon MP520 series Benutzerregistrierung (HKLM-x32\...\Canon MP520 series Benutzerregistrierung) (Version: - ) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.) Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com) CodeBlocks (HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Configurator 360 addin (HKLM-x32\...\{8FE324B0-B934-4D68-BAB5-DE2136036237}) (Version: 19.0.11300.9000 - Autodesk, Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.1.0.1 - Hewlett-Packard Company) Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version: - ) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.100.35469 - Hewlett-Packard Company) Dropbox (HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink) DWG TrueView 2012 (HKLM\...\DWG TrueView 2012) (Version: 18.2.51.0 - Autodesk) DWG TrueView 2012 (Version: 18.2.51.0 - Autodesk) Hidden DWG TrueView 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden Dymola 2013 (HKLM-x32\...\{40EF555D-5BC4-4EAB-922B-1DD994EC40E6}) (Version: 13.0.282 - Dassault Systems) Eco Materials Adviser (x64) (HKLM\...\{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}) (Version: 1.32.0.0 - Granta Design Limited) Eco Materials Adviser for Autodesk Inventor 2015 (64-bit) (HKLM\...\{2F7441CB-A646-41F1-B1CB-518AB311138B}) (Version: 5.3.8.0 - Granta Design Limited) Elcomsoft Blackberry Backup Explorer (HKLM-x32\...\{9E4F65F1-1C75-43AF-8541-AF047E72E206}) (Version: 10.02.13.1279 - Elcomsoft Co. Ltd.) Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Evernote v. 4.6 (HKLM-x32\...\{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}) (Version: 4.6.0.7670 - Evernote Corp.) Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4407 - Hewlett-Packard Company) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production) FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.8 - Hewlett-Packard Company) Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation) HP 3D DriveGuard (HKLM\...\{AB5BCC55-18E2-46C7-9405-FF61CB888F05}) (Version: 4.2.9.1 - Hewlett-Packard Company) HP Connection Manager (HKLM-x32\...\{5DCA44EB-03F6-44A3-A294-F3E5DE98D7F6}) (Version: 4.4.10.1 - Hewlett-Packard Company) HP DayStarter (HKLM\...\{11B12521-89B2-4298-A925-DCEC1950DE00}) (Version: 2.0.0.12 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{C6A49140-A2D9-4CA4-BB92-2E1C8CBB6E16}) (Version: 1.3.0.0 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent) HP HD Webcam [Fixed] (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.4.09 - SunplusIT) HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.4.1 - Hewlett-Packard Company) HP Power Assistant (HKLM\...\{D9355D03-2C06-401B-8A16-F6500379AE21}) (Version: 2.1.0.6 - Hewlett-Packard Company) HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.08.1017 - Hewlett-Packard Company) HP QuickWeb (HKLM-x32\...\{3F437675-F102-4866-BDE1-FFFC7B45EC0B}) (Version: 3.1.2.10229 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM-x32\...\{9FC12D03-6223-4972-B17F-819868A8C8C0}) (Version: 3.6.0.0 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company) HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6428.0 - IDT) Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - ) Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation) Inventor 2015 Heartbleed Hotfix Installer (INV19001) (HKLM\...\Autodesk Inventor Professional 2015_19001) (Version: 1 - Autodesk) iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java(TM) SE Development Kit 7 Update 3 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170030}) (Version: 1.7.0.30 - Oracle) JavaFX 2.0.3 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation) JavaFX 2.0.3 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation) Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.) John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MATLAB R2014a (HKLM\...\Matlab R2014a) (Version: 8.3 - The MathWorks, Inc.) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation) Mockup 360 Addin 2015 (HKLM-x32\...\{E4D4242C-FC14-4B4F-B1D9-6760D8C241D5}) (Version: 1.1.0 - Autodesk) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team) ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.2.5569 - ownCloud) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.64 - PDF Complete, Inc) PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.308.2 - Tracker Software Products Ltd) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden PhoenixRC (HKLM-x32\...\{7A03BEDC-6390-440E-8D13-721A22F0BD1F}) (Version: 3.00.12 - Ihr Firmenname) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company) Pro/ENGINEER Mechanica Release Wildfire 3.0 Datecode M250 (HKLM\...\Pro/ENGINEER Mechanica Release Wildfire 3.0 Datecode M250) (Version: Wildfire 3.0 - PTC) Pro/ENGINEER Release Wildfire 3.0 Datecode M250 (HKLM\...\Pro/ENGINEER Release Wildfire 3.0 Datecode M250) (Version: Wildfire 3.0 - PTC) ProjectReader (HKLM-x32\...\{9ACD9F21-CA0A-4E08-B54B-EB39CAA0D42B}) (Version: 4.06.0000 - K-SOL S.r.l.) PTC ProductView Express - Wildfire 3.0 (M250) (HKLM\...\{A5D8B0CE-1CC8-4148-9215-1C55BCC436A1}) (Version: 3.0.1016.0 - PTC) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version: - Tobit.Software) Razer Diamondback 3G (HKLM-x32\...\{7E659C5C-4DF1-499B-B802-77BAE9ABE4D4}) (Version: 5.01 - Razer USA Ltd.) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden SAM Party DJ (remove only) (HKLM-x32\...\SAMPDJ) (Version: - ) Schnell-Deinstallations-Tool für Autodesk Inventor 2012 (HKLM\...\{D25FF5C1-1664-469A-9794-69309387C193}) (Version: 16.0.16000.0000 - Autodesk) SDK (x32 Version: 2.26.012 - Portrait Displays, Inc.) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden StarMoney (x32 Version: 2.0 - StarFinanz) Hidden StarMoney (x32 Version: 3.0.5.8 - StarFinanz) Hidden StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden StarMoney 8.0 apoEdition (HKLM-x32\...\{728DAA8D-4F0E-416F-AE96-22013CC592DE}) (Version: 8.0 - Star Finanz GmbH) StarMoney 9.0 apoEdition (HKLM-x32\...\{DAC0FB2A-589B-49A6-AC71-69BA214EC091}) (Version: 9.0 - Star Finanz GmbH) Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios) Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios) Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated) Sync-my-L2P (HKLM-x32\...\Sync-my-L2P 2.1.1) (Version: 2.1.1 - Sync-my-L2P) Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.37.0 - Hewlett-Packard Company) Theft Recovery for HP ProtectTools (x32 Version: 6.0.37.0 - Hewlett-Packard Company) Hidden Total Annihilation (HKLM-x32\...\Total Annihilation) (Version: - ) tulox (HKLM-x32\...\tulox) (Version: - ) TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3600.171 - TuneUp Software) TuneUp Utilities 2012 (x32 Version: 12.0.3600.171 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.171 - TuneUp Software) Hidden Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH) TurboPlot v3.7e (HKLM-x32\...\TurboPlot_is1) (Version: - G. & H.-J. Dreher) Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System) UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version: - ) Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.) VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden VIP Access SDK (1.0.1.5) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.5 - Symantec Inc.) Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden VisiCut (HKLM-x32\...\VisiCut) (Version: - ) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) WD SES Driver Setup (x32 Version: 1.0.3.3 - Western Digital) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0) (HKLM\...\422991454CB076E9B856C21BBF99AF2B82317EDA) (Version: 03/06/2009 1.0.0008.0 - Western Digital Technologies) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) Windows Phone (HKLM-x32\...\{18EFF59E-BB7D-40F9-BE20-6A910BADC2E1}) (Version: 0.9.3723.2 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation) WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E4}) (Version: 19.0.11293 - WinZip Computing, S.L. ) WORLD IN CONFLICT (HKLM-x32\...\{F11ADC64-C89E-47F4-A0B3-3665FF859397}) (Version: 1.0.0.0 - Massive Entertainment AB) Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.) Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\tobias\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\iDrop.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TI.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> c:\Program Files\Autodesk\DWG TrueView 2012\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppDocView.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppDocView.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxTest.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtCp.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\tobias\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\SolidObject.Dll () CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\UCxTextBtn.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\UCxTextBtn.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\SolidObject.Dll () CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\BodyReceiver.dll () CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{C0E7110B-2136-11D4-8DD0-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxInventorMarshal.Dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxApprenticeServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> c:\Program Files\Autodesk\DWG TrueView 2012\dwgviewr.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ColorButton.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ColorButton.Ocx (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DtBridge.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\AcInetUI.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\RxInventorUtilities.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\TestServer.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\Inventor.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{E6E92821-2731-4AA3-B919-D2BC514FEC64}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Compatibility\Bin\DbxBridgePS.Dll () CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DTInterop.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\InvResc.dll (Autodesk) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\ServiceModule.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\InvTXTStack.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FD703B01-4362-423E-9BDB-91BDCB16C1C9}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2015\Bin\DTInterop.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-3842400618-988267013-911341351-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei ==================== Wiederherstellungspunkte ========================= ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0981F5C1-9E64-4262-A561-DD626A4B8EBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {21698F0B-3B4B-4128-B0B8-CD7DBC017CD8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {2D95754B-E0C1-447E-AB38-56533B843631} - System32\Tasks\{6EC2A0E6-1587-4C2F-8F63-C30B9708C811} => H:\Stefanie\Spiele\Microsoft Games\Minesweeper\MineSweeper.exe Task: {30DD8635-3EE2-4C4C-AAD0-605E609C9109} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation) Task: {46304CC9-9D6B-4492-BB28-F5261F641039} - System32\Tasks\{0139977E-3467-40F6-90D1-9134AFAFCC79} => C:\Users\tobias\Documents\Dropbox\03_Monika_Tobi\admigro\PowerTeacher_GL\powerteacherDL.EXE Task: {489649F0-FB79-4C28-B54E-C823995F0E0D} - System32\Tasks\{84D6C42F-788E-4BDA-9E12-658ECB16D338} => C:\Users\tobias\Documents\Dropbox\03_Monika_Tobi\admigro\PowerTeacher_GL\powerteacherDL.EXE Task: {4D8F162D-27C0-421B-9C76-8175007C9480} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001Core => C:\Users\tobias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {4F3C6734-BE90-4D01-A78B-BA28C1A4EA71} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {592554CF-FDC9-4529-9F63-AF22B9EB2CA6} - System32\Tasks\{6B77F910-CAA7-46C0-89DD-E325DDB4485E} => C:\Users\tobias\Documents\Dropbox\03_Monika_Tobi\admigro\PowerTeacher_GL\powerteacherDL.EXE Task: {5ABD84E1-B605-4DEB-8ED9-F5000CC1864A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {68777F58-51EF-4F7F-A44B-7007FB1B79C1} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001UA => C:\Users\tobias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {7142E1FF-D1BC-4C09-85FF-3A3BCB164CC0} - System32\Tasks\{9F82CD05-2594-4898-958B-7E8384BC516E} => H:\Stefanie\Spiele\Microsoft Games\Minesweeper\MineSweeper.exe Task: {74F76C4C-D874-4057-ADE9-358F8E1461F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {79FC84C3-BA25-4DE8-A069-2D6BEF62D0E9} - System32\Tasks\{FA5F2A43-B895-4AB8-AC9F-512EA7564734} => pcalua.exe -a "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -d "C:\Program Files (x86)\Mozilla Firefox" Task: {7BE05D4D-D0E8-4B3E-9552-5FB9F8D25F5E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated) Task: {851E6458-C6BB-4D06-BF39-79DDB009A219} - System32\Tasks\{41CC5C2E-6D66-4CB5-97F7-4098AE1F2BB3} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar Task: {86B362E3-BBDE-427E-B7A0-866DB8C153D5} - System32\Tasks\{0AECD8FA-8FD4-4345-86F5-7D255843385F} => C:\Users\tobias\Documents\Dropbox\03_Monika_Tobi\admigro\PowerTeacher_GL\powerteacherDL.EXE Task: {95664F46-55EB-4CED-8105-E3EAC15AA23D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe Task: {B30AA952-BC13-44B7-A610-D6197032BC14} - System32\Tasks\{8BC100BB-CCA0-49B5-850A-B8C96298DCEB} => C:\Users\tobias\Documents\Dropbox\03_Monika_Tobi\admigro\PowerTeacher_GL\powerteacherDL.EXE Task: {B716CF03-D827-47C1-A85A-97C076EB338C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {BA359625-9649-4255-9060-DFFEAF78E664} - System32\Tasks\HPCeeScheduleFortobias => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {BA468A3D-B263-4DAB-BF62-EFC8172CEB3F} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 7600 Series\ezprint.exe Task: {BF7F0D62-F9F2-4307-B469-4A4DDE39E4D1} - System32\Tasks\Primax Electronics-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe Task: {C0CF287E-EC61-4670-8A31-E9B68A81B9E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {D2AD56CA-0861-4215-A6DD-62EA54B870AB} - System32\Tasks\MATLAB R2014a Startup Accelerator => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe [2014-01-29] () Task: {D3014A8D-C7B4-4413-BD00-455E497EA12D} - System32\Tasks\{EEB1497C-E7CB-42B1-9BC1-BADD85120765} => C:\Program Files (x86)\BlueByte\Siedler3\s3.exe [2013-02-13] (Blue Byte ) Task: {D6C6D8D5-F06A-4FE3-A6EC-14C73275D340} - System32\Tasks\HPCeeScheduleForNBTOBIAS1$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {E866E798-CF48-46B3-81F9-DD26FE8787FF} - System32\Tasks\{A8B2E556-B259-4F63-8AB5-5AEFDF794938} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar Task: {F2B77942-2EC5-4E6F-87E2-6DE7E4382082} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {FF0EDDB2-AEC0-4CDB-A285-9933C7206063} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001Core.job => C:\Users\tobias\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001UA.job => C:\Users\tobias\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\HPCeeScheduleForNBTOBIAS1$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\windows\Tasks\HPCeeScheduleFortobias.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\windows\Tasks\MATLAB R2014a Startup Accelerator.job => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2011-07-18 16:48 - 2011-07-18 16:48 - 00156216 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll 2013-02-01 09:39 - 2013-02-01 09:39 - 03401216 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll 2010-09-06 13:18 - 2010-09-06 13:18 - 01412608 _____ () C:\windows\system32\LIBEAY32.dll 2013-02-01 09:26 - 2013-02-01 09:26 - 01956864 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcNp64.DLL 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-02-01 08:39 - 2013-02-01 08:39 - 01323008 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe 2013-10-06 12:01 - 2013-06-03 12:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe 2015-06-19 02:31 - 2015-06-19 02:31 - 00059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll 2011-09-01 09:13 - 2011-09-01 09:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-10-21 09:36 - 2015-10-21 09:36 - 01704974 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe 2010-11-26 12:31 - 2010-11-26 12:31 - 00267128 _____ () C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe 2012-09-09 20:02 - 2010-04-28 16:25 - 00228352 _____ () C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe 2013-02-01 09:14 - 2013-02-01 09:14 - 02830336 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll 2013-02-01 08:38 - 2013-02-01 08:38 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll 2013-02-01 09:17 - 2013-02-01 09:17 - 02863104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll 2013-02-01 09:15 - 2013-02-01 09:15 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll 2013-02-01 08:42 - 2013-02-01 08:42 - 02035712 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll 2013-02-01 08:43 - 2013-02-01 08:43 - 01945600 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll 2013-02-01 09:12 - 2013-02-01 09:12 - 03092480 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll 2014-10-19 12:45 - 2014-10-19 12:45 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll 2012-03-13 15:19 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2013-10-06 12:01 - 2013-06-03 12:06 - 09907712 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\TOBITCLT.dll 2013-10-06 12:01 - 2013-05-16 13:28 - 00242688 _____ () C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client$.ger 2015-10-21 09:36 - 2015-10-21 09:36 - 00670222 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll 2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll 2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll 2015-10-21 09:36 - 2015-10-21 09:36 - 00977422 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll 2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll 2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll 2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll 2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll 2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll 2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll 2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll 2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll 2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll 2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll 2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll 2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll 2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll 2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll 2015-11-13 08:10 - 2015-11-13 08:10 - 00071168 _____ () c:\users\tobias\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1bxpxs.dll 2015-11-11 16:51 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\tobias\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 22:45 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\tobias\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-11-11 16:51 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\tobias\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-11-11 16:51 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\tobias\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\tobias\Desktop\Bachelorarbeit_Tobias Frede_SS2015:com.dropbox.attributes ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\Software\Classes\secfile: Pro/E Sketcher Section File <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^Users^tobias^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^tobias^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden MSCONFIG\startupreg: HPQuickWebProxy => "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" MSCONFIG\startupreg: MfeEpePcMonitor => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [{10EA7B2F-E845-493A-8D7D-7BF9245F53E2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5700D61E-9C00-412B-A046-351F5F3E946A}] => (Allow) LPort=2869 FirewallRules: [{3D65E956-4CFE-465F-8F64-1D2FB324F2DC}] => (Allow) LPort=1900 FirewallRules: [{27F573DA-0E79-41C5-AC82-4AC62D3A91EC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{D0DA3741-8462-4EE8-A5AF-C4789124D710}] => (Allow) C:\Users\tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{BB4F7100-877D-4CBE-91AD-7B71ADF81A65}] => (Allow) C:\Users\tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{2066095B-9908-42D6-91AA-24946FA5F868}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe FirewallRules: [TCP Query User{0E21955D-B759-4072-AD6B-932AF9F045CC}C:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{43C73397-6824-4131-AC91-550929F4F617}C:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{339F8178-C7F6-423B-A22F-5FA3E8095588}] => (Block) G:\festplatte\spiele\age of empires 2\age2_x1.exe FirewallRules: [{D47DBE77-2A49-482B-A05A-6CC900C0470B}] => (Block) G:\festplatte\spiele\age of empires 2\age2_x1.exe FirewallRules: [TCP Query User{B4422EB5-2DDB-4E78-A8AF-E5AD82260224}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{4796CBEA-F559-478D-A5CD-70AC14184CA2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{F011D9F5-F89F-40AD-826B-143746885029}C:\program files\proewildfire 3.0\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\nms\nmsd.exe FirewallRules: [UDP Query User{32242521-F9CA-4230-BFCB-34DB40BFBFFB}C:\program files\proewildfire 3.0\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\nms\nmsd.exe FirewallRules: [TCP Query User{B294A85A-581B-41BD-9000-E399908FB390}C:\program files\proewildfire 3.0\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\obj\xtop.exe FirewallRules: [UDP Query User{26FE7C5A-870C-4BDA-A3E0-6BA3127F4386}C:\program files\proewildfire 3.0\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\obj\xtop.exe FirewallRules: [TCP Query User{B476CD3E-99B1-4F67-A7E4-136A00EB1A40}C:\program files\proewildfire 3.0\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\obj\pro_comm_msg.exe FirewallRules: [UDP Query User{E6444FCB-466E-4F08-8BF6-7FB299952BE5}C:\program files\proewildfire 3.0\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\obj\pro_comm_msg.exe FirewallRules: [TCP Query User{484E8B91-3A79-48A1-AA02-BDE9382C94F6}C:\program files\proewildfire 3.0\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\nms\nmsd.exe FirewallRules: [UDP Query User{602902E7-D427-4DAA-9E80-45BB6405B19D}C:\program files\proewildfire 3.0\x86e_win64\nms\nmsd.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\nms\nmsd.exe FirewallRules: [TCP Query User{F417AFC9-3EAE-4DD1-9192-FE28D7696AE8}C:\program files\proewildfire 3.0\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\obj\xtop.exe FirewallRules: [UDP Query User{6B5D27E0-3F23-4889-8488-3AF5522E359B}C:\program files\proewildfire 3.0\x86e_win64\obj\xtop.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\obj\xtop.exe FirewallRules: [TCP Query User{914EBDAF-A96B-4F6A-90B9-0F984A807EE3}C:\program files\proewildfire 3.0\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\obj\pro_comm_msg.exe FirewallRules: [UDP Query User{B8359D0A-BB80-45C0-BF43-6ED6FFD6275E}C:\program files\proewildfire 3.0\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\program files\proewildfire 3.0\x86e_win64\obj\pro_comm_msg.exe FirewallRules: [TCP Query User{7EDFC1E6-3AA2-4267-8C8C-CC7C87C83299}C:\program files\proewildfire 3.0\bin\proe.exe] => (Allow) C:\program files\proewildfire 3.0\bin\proe.exe FirewallRules: [UDP Query User{B6A923A3-449F-4CC4-B949-7A60D0D0D062}C:\program files\proewildfire 3.0\bin\proe.exe] => (Allow) C:\program files\proewildfire 3.0\bin\proe.exe FirewallRules: [{A1F9E571-1A01-4879-A60A-1EFA2AE8484A}] => (Allow) C:\Program Files (x86)\Sierra Entertainment\WORLD IN CONFLICT\wic.exe FirewallRules: [{90A7C11B-32BD-40FE-8C8B-4CD9A90DFD3F}] => (Allow) C:\Program Files (x86)\Sierra Entertainment\WORLD IN CONFLICT\wic.exe FirewallRules: [{2805F319-84D0-4CB2-8035-7CB2FE1C18D7}] => (Allow) C:\Program Files (x86)\Sierra Entertainment\WORLD IN CONFLICT\wic_online.exe FirewallRules: [{238D0EBC-8082-413D-AF80-878A16FFA214}] => (Allow) C:\Program Files (x86)\Sierra Entertainment\WORLD IN CONFLICT\wic_online.exe FirewallRules: [{83344984-6FF4-420E-AB39-059A1A1D8196}] => (Allow) C:\Program Files (x86)\Sierra Entertainment\WORLD IN CONFLICT\wic_ds.exe FirewallRules: [{9A28D115-16BC-4395-8994-95C1CE51CA8A}] => (Allow) C:\Program Files (x86)\Sierra Entertainment\WORLD IN CONFLICT\wic_ds.exe FirewallRules: [TCP Query User{DF2949F0-0BA7-4323-B145-0CB8FF9D6D34}C:\program files (x86)\sierra entertainment\world in conflict\wic.exe] => (Allow) C:\program files (x86)\sierra entertainment\world in conflict\wic.exe FirewallRules: [UDP Query User{24FCD0F3-277D-4961-974E-807A1CE7D41E}C:\program files (x86)\sierra entertainment\world in conflict\wic.exe] => (Allow) C:\program files (x86)\sierra entertainment\world in conflict\wic.exe FirewallRules: [TCP Query User{6FA2EFD2-0680-4606-A8E2-C618A3BFC3E7}C:\program files (x86)\bluebyte\siedler3\s3.exe] => (Allow) C:\program files (x86)\bluebyte\siedler3\s3.exe FirewallRules: [UDP Query User{7BA613A9-5EF9-4A50-A135-4F5191B45119}C:\program files (x86)\bluebyte\siedler3\s3.exe] => (Allow) C:\program files (x86)\bluebyte\siedler3\s3.exe FirewallRules: [{E16FF20E-F888-4AB5-8172-822EFE6D7D12}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{505EBA66-4F94-42FE-9BC4-F8D5BF006E4C}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{B35B2A46-7D33-4231-8198-22A8ED7F4181}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 apoEdition\app\StarMoney.exe FirewallRules: [{E2B46D4F-0DB6-4B33-9248-550EB37E9381}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 apoEdition\app\StarMoney.exe FirewallRules: [TCP Query User{26F91274-C3C0-4EF4-84C3-6F3B58B05B15}C:\program files\proewildfire 3.0\bin\proe.exe] => (Allow) C:\program files\proewildfire 3.0\bin\proe.exe FirewallRules: [UDP Query User{DE2CEDB7-495B-49B7-983D-D7013555F6D2}C:\program files\proewildfire 3.0\bin\proe.exe] => (Allow) C:\program files\proewildfire 3.0\bin\proe.exe FirewallRules: [{9C5ADC3F-74DF-4387-AE4E-9AC4FD47D5C1}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [{FD90D330-914C-469E-B289-D2C1218E6430}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [TCP Query User{B427F777-5D3B-4191-AE21-A735BC5451D4}C:\program files (x86)\firefly studios\stronghold\stronghold.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold\stronghold.exe FirewallRules: [UDP Query User{303895A8-D789-4568-8FAC-F68A149FD0E0}C:\program files (x86)\firefly studios\stronghold\stronghold.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold\stronghold.exe FirewallRules: [{BCB36657-1AD3-40E4-BDC6-DC8DB617FDC5}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{B2442A15-678B-4979-81C6-4E5766BE04DF}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{E04577A4-77ED-4385-9F61-A0593E14F12B}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [{C362E6D6-32F0-4BB6-82E6-F676BB9E4785}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [TCP Query User{F03FDA5D-20F0-4BAE-B7BB-F532AC68BA22}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [UDP Query User{48E15B2F-61A7-4866-A7AC-862D152D1C67}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe FirewallRules: [TCP Query User{1288C0AA-CAAF-47C2-87CD-846020A5DE2D}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe FirewallRules: [UDP Query User{74F1043C-49AD-4485-89E2-77FB91091DCD}C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold_crusader_extreme.exe FirewallRules: [{4C0A6DBE-B6B8-44CA-BF95-A0357F264207}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [{54F2BFD6-9492-40EA-926D-4AFC2B343229}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [TCP Query User{5DA43278-5D19-4930-BB58-C2FB4ABC2F08}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe FirewallRules: [UDP Query User{713544A1-1286-4361-90AC-3FCC6D32D51F}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe FirewallRules: [{07B4ADA4-1303-43B1-81A6-9C2228753560}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{97AC9D72-119E-4E30-9757-E20DC9A0D5BE}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{9878A782-0749-4BD5-8617-608378475E6F}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{4447DF1E-C965-4F2C-B646-1625D29B920B}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [TCP Query User{C1067A87-0072-4E32-A919-015DF450DA6F}C:\users\tobias\sicherung\spiele\counter-strike source\hl2.exe] => (Allow) C:\users\tobias\sicherung\spiele\counter-strike source\hl2.exe FirewallRules: [UDP Query User{BD255934-4772-46F2-9588-7D25C2B188AE}C:\users\tobias\sicherung\spiele\counter-strike source\hl2.exe] => (Allow) C:\users\tobias\sicherung\spiele\counter-strike source\hl2.exe FirewallRules: [TCP Query User{AAECE478-DD48-4713-B98A-67FB725AADE8}C:\users\tobias\sicherung\spiele\counter-strike source\hl2.exe] => (Allow) C:\users\tobias\sicherung\spiele\counter-strike source\hl2.exe FirewallRules: [UDP Query User{28C2A134-2007-43AD-99EA-9CFFC759A351}C:\users\tobias\sicherung\spiele\counter-strike source\hl2.exe] => (Allow) C:\users\tobias\sicherung\spiele\counter-strike source\hl2.exe FirewallRules: [{38AF1840-8885-4F35-90AC-91A57CFEC274}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{75317422-9438-43DA-9D84-88B4483BC559}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{77C20B25-46F8-480A-B9DB-8EAE12FCA768}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{3B601673-2ABF-462F-9306-3FC7FB138942}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{1C4680CE-C09D-4719-8F68-08ECCFF67A2F}] => (Allow) C:\Users\tobias\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{8BD93423-AE4E-4EBE-922A-6F4904260EFC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{55572272-2C1C-4A95-BDA8-190532B23EB9}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{E1FAAD60-6D91-4EAA-8996-42BC9B0D6390}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{702619D3-C3BC-45F2-9242-55EE713C5839}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{F38587F2-4D51-4A53-8E39-C4F580DAC7DC}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 apoEdition\app\StarMoney.exe FirewallRules: [{DC8CFD11-41CE-41AA-A559-174382F8786E}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 apoEdition\app\StarMoney.exe FirewallRules: [TCP Query User{055271D9-06EA-4690-94FB-63DDAB917873}C:\users\tobias\sicherung\spiele\empire earth\empire earth.exe] => (Allow) C:\users\tobias\sicherung\spiele\empire earth\empire earth.exe FirewallRules: [UDP Query User{CB8CEACD-2B13-4A3E-9BC9-AFBC6F6A2489}C:\users\tobias\sicherung\spiele\empire earth\empire earth.exe] => (Allow) C:\users\tobias\sicherung\spiele\empire earth\empire earth.exe FirewallRules: [{EDEBAC73-21D3-4812-9A3A-B2CDE47F2E5B}] => (Block) C:\users\tobias\sicherung\spiele\empire earth\empire earth.exe FirewallRules: [{9B47F0C3-166A-46E9-897D-3F65C04C8D16}] => (Block) C:\users\tobias\sicherung\spiele\empire earth\empire earth.exe FirewallRules: [TCP Query User{F44B5113-F8DE-4AAE-BCEC-BA8B5F3B81E7}C:\users\tobias\sicherung\spiele\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\users\tobias\sicherung\spiele\star wars battlefront ii\gamedata\battlefrontii.exe FirewallRules: [UDP Query User{8E447F26-9442-4C5D-838B-7C8C3A59B04D}C:\users\tobias\sicherung\spiele\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\users\tobias\sicherung\spiele\star wars battlefront ii\gamedata\battlefrontii.exe FirewallRules: [{64F7162A-A11D-48CD-BA85-E0DA02859F8E}] => (Block) C:\users\tobias\sicherung\spiele\star wars battlefront ii\gamedata\battlefrontii.exe FirewallRules: [{CA174DA1-9E65-4A60-8FAC-0BD1A951F59C}] => (Block) C:\users\tobias\sicherung\spiele\star wars battlefront ii\gamedata\battlefrontii.exe FirewallRules: [TCP Query User{3E47ED04-FA12-4437-8668-B86F56D85A4E}C:\program files (x86)\bluebyte\siedler3\s3.exe] => (Allow) C:\program files (x86)\bluebyte\siedler3\s3.exe FirewallRules: [UDP Query User{A71CA432-2ABD-4889-B475-4AEE50ECAB37}C:\program files (x86)\bluebyte\siedler3\s3.exe] => (Allow) C:\program files (x86)\bluebyte\siedler3\s3.exe FirewallRules: [TCP Query User{8F975C32-229A-4FD9-A50C-B908AA13C3F3}C:\program files\matlab\r2014a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2014a\bin\win64\matlab.exe FirewallRules: [UDP Query User{BB694129-8782-4075-BB59-1F94F6AD9078}C:\program files\matlab\r2014a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2014a\bin\win64\matlab.exe FirewallRules: [TCP Query User{D2071964-2437-4C05-AFEA-966BBB1341E1}C:\program files\matlab\r2014a\bin\win64\smpd.exe] => (Allow) C:\program files\matlab\r2014a\bin\win64\smpd.exe FirewallRules: [UDP Query User{272EB2D1-503E-45D2-9542-FA920424411B}C:\program files\matlab\r2014a\bin\win64\smpd.exe] => (Allow) C:\program files\matlab\r2014a\bin\win64\smpd.exe FirewallRules: [TCP Query User{63D00C71-BC63-4F5B-83E9-880CDBDD813B}C:\program files\matlab\r2014a\bin\win64\mpiexec.exe] => (Allow) C:\program files\matlab\r2014a\bin\win64\mpiexec.exe FirewallRules: [UDP Query User{188F0B2F-A29D-48D6-94B8-F00F8B0B698C}C:\program files\matlab\r2014a\bin\win64\mpiexec.exe] => (Allow) C:\program files\matlab\r2014a\bin\win64\mpiexec.exe FirewallRules: [TCP Query User{82F45A89-B509-4F69-89C2-6FFC7DEC6435}C:\program files\matlab\r2014a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2014a\bin\win64\matlab.exe FirewallRules: [UDP Query User{44A7DFF4-582E-4421-A33A-358899832004}C:\program files\matlab\r2014a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2014a\bin\win64\matlab.exe FirewallRules: [TCP Query User{12D20822-0380-4C32-9A88-049F2F059C9E}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{3AA857E0-647E-4028-96E1-9A871B81079D}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{836008E0-1F74-4034-B7FB-522653E6B665}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E52B644A-62DE-4732-888A-AD6A5E4AB4E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C8D1652D-80C5-4D37-B8ED-8CBF608B4BEC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{FC4D3F38-0853-4B29-B9BC-2B2F74C04964}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{51E6094E-EC7B-4D1A-BB48-61248CE1B759}] => (Allow) C:\Users\tobias\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [TCP Query User{432A4D68-317F-4AED-92A2-B4D7851A215F}C:\users\tobias\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\tobias\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{25D24F2D-032E-4BE6-A338-D5E895C7CDDC}C:\users\tobias\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\tobias\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{F706DB49-CDDA-447F-A51B-2366A0874FEE}C:\users\tobias\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\tobias\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{760B69A2-336A-4A64-9AA3-310B196D31F9}C:\users\tobias\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\tobias\appdata\local\akamai\netsession_win.exe FirewallRules: [{C758049F-8DE0-4E46-8CE1-37B96E6363D6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D5B8BEBD-4289-4168-B6A4-5518667B00E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{55EBB535-3C0B-45AE-8BDD-3D3E8E19E419}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2F18A8E2-72F3-444B-A916-F31A85003E41}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{ABAADFF9-9495-4590-838F-A293B10B8224}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{8B6DD46B-1B44-46E9-904A-B566363E089B}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [UDP Query User{6CEFD667-B1FA-4D91-82CF-734B79E0DDED}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [{38191BE4-1DF9-49E5-8780-7CC22F071C38}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F91725E6-1206-4F11-AD69-0A8F26ECA493}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{54F8EF90-7A21-48C4-B9FC-45CA04E46DDC}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [UDP Query User{EDD75A49-00E6-4702-B2D8-73332235EF84}C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_65\bin\javaw.exe FirewallRules: [{1B5471C4-6364-43B3-B722-C0B6884D11E1}] => (Allow) LPort=49422 FirewallRules: [{2CB0112F-9931-4EA7-8240-C11EA75813DC}] => (Allow) LPort=5000 ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/13/2015 08:11:20 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/13/2015 04:08:36 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/13/2015 03:20:07 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2015 07:26:57 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/12/2015 07:26:54 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/12/2015 07:26:37 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/12/2015 07:26:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/12/2015 07:16:37 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/12/2015 07:15:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2015 07:02:58 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Systemfehler: ============= Error: (11/13/2015 04:45:24 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (11/13/2015 04:01:59 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (11/13/2015 03:21:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/12/2015 08:01:27 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (11/12/2015 07:32:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (11/12/2015 07:32:14 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\tobias\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (11/12/2015 07:32:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (11/12/2015 07:32:13 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\tobias\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (11/12/2015 07:32:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (11/12/2015 07:32:13 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\tobias\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. CodeIntegrity: =================================== Date: 2015-11-13 08:11:20.076 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-11-13 08:11:19.302 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-11-13 08:11:15.658 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-11-13 08:11:13.735 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-11-13 08:11:10.091 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-11-13 08:11:02.762 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-11-13 08:10:53.145 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-11-13 03:20:07.396 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-11-13 03:19:59.175 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-11-12 21:33:24.428 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\AESTAR64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Prozentuale Nutzung des RAM: 36% Installierter physikalischer RAM: 8126.36 MB Verfügbarer physikalischer RAM: 5183.14 MB Summe virtueller Speicher: 12548.27 MB Verfügbarer virtueller Speicher: 9288.79 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:573.16 GB) (Free:5.19 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (HP_RECOVERY) (Fixed) (Total:17.71 GB) (Free:2.69 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (HP_TOOLS) (Fixed) (Total:4.99 GB) (Free:2.1 GB) FAT32 Drive g: (S3GOLD1_G) (CDROM) (Total:0.47 GB) (Free:0 GB) CDFS Drive h: (S3GOLD2_G) (CDROM) (Total:0.52 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 4591CDD9) Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=573.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=17.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=5 GB) - (Type=0C) ==================== Ende von Addition.txt ============================ |
14.11.2015, 12:14 | #5 |
/// the machine /// TB-Ausbilder | Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführtESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
14.11.2015, 21:44 | #6 |
| Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführt Eset: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=f597ed885db41940b08df228f4e57a28 # end=init # utc_time=2015-11-14 12:03:09 # local_time=2015-11-14 01:03:09 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 26722 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=f597ed885db41940b08df228f4e57a28 # end=updated # utc_time=2015-11-14 12:04:46 # local_time=2015-11-14 01:04:46 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=f597ed885db41940b08df228f4e57a28 # engine=26722 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-11-14 08:18:02 # local_time=2015-11-14 09:18:02 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 135741 199162132 0 0 # scanned=1141038 # found=2 # cleaned=0 # scan_time=29595 sh=B332165C4658BD99A753B4B8366B8A782F030061 ft=1 fh=4fb51f3415da3307 vn="Win32/InstallMonetizer.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\tobias\AppData\Local\Mozilla\Firefox\Profiles\lb2llahf.default\cache2\entries\8494D8B42E33F037E2F95457A4F5132A420EB71D" sh=883D2C5D8554CB094FFF92955AE6A6A6F55C98B8 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\cac77.msi" Code:
ATTFilter Results of screen317's Security Check version 1.009 Windows Vista x64 (UAC is disabled!) Out of date service pack!! Internet Explorer 9 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Avira Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` TuneUp Utilities 2012 TuneUp Utilities Language Pack (de-DE) Java 8 Update 65 Java version 32-bit out of Date! Adobe Flash Player 19.0.0.245 Mozilla Firefox (42.0) Mozilla Thunderbird (38.3.0) ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 durchgeführt von tobias (Administrator) auf NBTOBIAS1 (14-11-2015 21:41:26) Gestartet von C:\Users\tobias\Desktop Geladene Profile: tobias (Verfügbare Profile: tobias) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Tobit.Software) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe () C:\Program Files (x86)\ownCloud\owncloud.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Akamai Technologies, Inc.) C:\Users\tobias\AppData\Local\Akamai\netsession_win.exe (Dropbox, Inc.) C:\Users\tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Akamai Technologies, Inc.) C:\Users\tobias\AppData\Local\Akamai\netsession_win.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Razer Inc.) C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-03-01] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated) HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-14] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation) HKLM-x32\...\Run: [HP HD Webcam [Fixed]_Monitor] => C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [267128 2010-11-26] () HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-23] (Apple Inc.) HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2006-11-29] (Ulead Systems, Inc.) HKLM-x32\...\Run: [Diamondback] => C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [228352 2010-04-28] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-07-30] (Autodesk Inc.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X] HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [rfxsrvtray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] () HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Dropbox Update] => C:\Users\tobias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Akamai NetSession Interface] => C:\Users\tobias\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: G - G:\AutoRun.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {16a9969e-13a0-11e2-b290-e4115b3ba111} - G:\AutoRun.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {610c28cf-6508-11e4-a45f-e4115b3ba111} - I:\DTVP_Launcher.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {afccd57f-2c98-11e5-8394-e4115b3ba111} - I:\AutoRun.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {afccd58f-2c98-11e5-8394-e4115b3ba111} - I:\AutoRun.exe HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\aclauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\activate_matlab.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\AdAppMgr.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\AdSync.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\agatha christie - peril at end house-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\bejeweled2-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\blasterball3-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\bounce-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\buildalot5-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\cake mania-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\cd_label.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\chuzzle deluxe-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\deactivate_matlab.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\diner dash 2 restaurant rescue-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\drivegreen1-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\farm frenzy-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\fate-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\gameconsole-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\hppa_main.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\iedit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\iedit_.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\insaniquarium-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\ipsecdialer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\jewelquest2-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\jqsolitaire-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\matlab.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\mediaimpression.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\netviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\netviewerk6.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\onplay.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\pdfvista.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\penguins-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\plants vs. zombies-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\polar-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\provider.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\scrconfig.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\scrsetup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\setmtu.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\slideshowplayer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\slingo-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\smkonv.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\softpaqdownloadmanager.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\startstarmoney.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\tmextreme.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\tmshowbiz.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\tunngle.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\udtstart.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\uninstalltool.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\utmstudioframe.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\uwebcam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\virtual villagers - the secret city-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\vpngui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\wedding dash-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\zuma-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2012-03-14] ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () Startup: C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-11] ShortcutTarget: Dropbox.lnk -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-11-11] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{3B4033D6-F242-4ABB-AFF2-4D1ABD9D54B7}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-3842400618-988267013-911341351-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10 SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3842400618-988267013-911341351-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3842400618-988267013-911341351-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-25] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-08-01] (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-25] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-08-01] (Microsoft Corporation.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.) FireFox: ======== FF ProfilePath: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default FF Keyword.URL: FF NetworkProxy: "http", "81.169.187.212" FF NetworkProxy: "http_port", 8000 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\google-images.xml [2014-12-14] FF SearchPlugin: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\google-maps.xml [2014-12-14] FF SearchPlugin: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\ixquick-ssl.xml [2014-01-16] FF Extension: Avira Browser Safety - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\abs@avira.com [2015-05-13] [ist nicht signiert] FF Extension: Zotero - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\zotero@chnm.gmu.edu.xpi [2015-02-25] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF Extension: DownThemAll! - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-02-05] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-01-27] [ist nicht signiert] FF HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\extensions\cliqz@cliqz.com => nicht gefunden ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1129864 2015-07-30] (Autodesk Inc.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-13] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-13] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-13] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert] S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert] R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.) S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company) S4 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company) R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [Datei ist nicht signiert] R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [Datei ist nicht signiert] R2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-11] (Autodesk, Inc.) R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software) S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-11] (PDF Complete Inc) R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-03-01] (IDT, Inc.) [Datei ist nicht signiert] S4 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) S4 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software) S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [Datei ist nicht signiert] R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-07] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-25] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-07] (Avira Operations GmbH & Co. KG) S3 bthathfax; C:\Windows\System32\DRIVERS\bthathfax.sys [75424 2011-01-06] (Microsoft Corporation) S3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] () S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-05-10] (Hewlett-Packard Company) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-28] (hxxp://libusb-win32.sourceforge.net) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.) R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.) R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd) S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2612728 2011-02-12] (Sunplus Technology) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-02-09] (TuneUp Software) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.) S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X] S4 RTWTKRNL; \??\C:\windows\system32\drivers\rtwtkrnl.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-14 21:41 - 2015-11-14 21:42 - 00040199 _____ C:\Users\tobias\Desktop\FRST.txt 2015-11-14 21:40 - 2015-11-14 21:40 - 00001014 _____ C:\Users\tobias\Desktop\checkup.txt 2015-11-14 21:21 - 2015-11-14 21:21 - 00852720 _____ C:\Users\tobias\Desktop\SecurityCheck.exe 2015-11-14 13:26 - 2015-11-14 13:26 - 00002770 _____ C:\windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 2015-11-14 11:50 - 2015-11-14 11:50 - 00000000 ___HD C:\OneDriveTemp 2015-11-14 11:29 - 2015-11-14 11:30 - 00001078 _____ C:\windows\system32dbgraw.bmp 2015-11-13 21:01 - 2015-11-13 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-13 20:53 - 2015-11-13 20:53 - 00000015 _____ C:\Users\tobias\Desktop\Neues Textdokument.txt 2015-11-12 19:26 - 2015-11-12 19:26 - 00000000 ____D C:\Program Files (x86)\ESET 2015-11-12 19:23 - 2015-11-14 21:41 - 00000000 ____D C:\FRST 2015-11-12 19:02 - 2015-11-12 19:02 - 02870984 _____ (ESET) C:\Users\tobias\Desktop\esetsmartinstaller_deu.exe 2015-11-12 18:53 - 2015-11-12 18:53 - 02198528 _____ (Farbar) C:\Users\tobias\Desktop\FRST64.exe 2015-11-12 18:31 - 2015-11-12 18:38 - 00000000 ____D C:\AdwCleaner 2015-11-12 17:34 - 2015-11-12 18:24 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-12 17:32 - 2015-11-12 19:26 - 00000000 ____D C:\Users\tobias\Desktop\ReportsVirenScan 2015-11-12 16:56 - 2015-11-12 16:56 - 00001062 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-12 16:56 - 2015-11-12 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-12 16:56 - 2015-11-12 16:56 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-12 16:56 - 2015-11-12 16:56 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-12 16:56 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2015-11-12 16:56 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-11-12 16:56 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2015-11-12 16:49 - 2015-11-12 16:49 - 01798976 _____ (Malwarebytes) C:\Users\tobias\Desktop\JRT.exe 2015-11-12 16:31 - 2015-11-12 16:31 - 01712128 _____ C:\Users\tobias\Desktop\AdwCleaner_5.019.exe 2015-11-12 13:56 - 2015-11-12 13:57 - 00000000 ____D C:\Users\tobias\Downloads\Literatur TVT Tim 2015-11-12 11:08 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-11-11 19:43 - 2015-11-11 19:43 - 00002282 _____ C:\Users\tobias\AppData\Local\recently-used.xbel 2015-11-11 16:51 - 2015-11-11 16:51 - 00000000 ____D C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-11 12:46 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-11-11 12:46 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-11-11 12:46 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-11-11 12:46 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-11-11 12:46 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-11-11 12:46 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2015-11-11 12:45 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-11-11 12:45 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-11-11 12:45 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-11-11 12:45 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-11-11 12:45 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-11-11 12:45 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-11-11 12:45 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-11-11 12:45 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-11-11 12:45 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-11-11 12:45 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-11-11 12:45 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-11-11 12:45 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-11-11 12:45 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-11-11 12:45 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-11-11 12:45 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-11-11 12:45 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-11-11 12:45 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-11-11 12:45 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-11-11 12:45 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-11-11 12:45 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-11-11 12:45 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-11-11 12:45 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-11-11 12:45 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-11-11 12:45 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-11-11 12:45 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-11-11 12:45 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-11-11 12:45 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-11-11 12:45 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-11-11 12:45 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-11-11 12:45 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-11-11 12:45 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-11-11 12:45 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2015-11-11 12:45 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-11-11 12:45 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-11-11 12:45 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-11-11 12:45 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-11-11 12:45 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-11-11 12:45 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-11-11 12:45 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-11-11 12:45 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-11-11 12:45 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2015-11-11 12:45 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-11-11 12:45 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-11-11 12:45 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-11-11 12:45 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-11-11 12:45 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-11-11 12:45 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-11 12:45 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-11-11 12:45 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-11-11 12:45 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-11-11 12:45 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-11-11 12:45 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-11-11 12:45 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2015-11-11 12:45 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-11-11 12:45 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2015-11-11 12:45 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-11-11 12:45 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-11-11 12:45 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-11-11 12:45 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-11-11 12:45 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-11-11 12:45 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-11-11 12:45 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-11-11 12:45 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-11-11 12:45 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-11-11 12:44 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-11-11 12:44 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-11-11 12:44 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-11-11 12:44 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-11-11 12:44 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-11-11 12:44 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-11-11 12:44 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-11-11 12:44 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-11-11 12:44 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-11-11 12:44 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-11-11 12:44 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-11-11 12:44 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-11-11 12:44 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-11-11 12:44 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-11-11 12:44 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-11-11 12:44 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2015-11-11 12:44 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-11 12:44 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-11-11 12:44 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll 2015-11-11 12:44 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll 2015-11-11 12:43 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-11-11 12:43 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-11-11 12:43 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-11-11 12:43 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-11-11 12:43 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-11 12:43 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys 2015-11-11 12:43 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys 2015-11-11 12:42 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll 2015-11-11 12:42 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll 2015-11-11 12:42 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe 2015-11-11 12:42 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll 2015-11-11 12:42 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll 2015-11-11 12:42 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll 2015-11-11 12:42 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe 2015-11-11 12:42 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys 2015-11-11 12:42 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll 2015-11-11 12:42 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll 2015-11-11 12:42 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll 2015-11-08 21:15 - 2015-11-08 21:15 - 00016751 _____ C:\Users\tobias\Downloads\The.100.S02E15.HDTV.x264-KILLERS.en.rar 2015-11-08 21:15 - 2015-11-08 21:15 - 00014062 _____ C:\Users\tobias\Downloads\The.100.S02E16.HDTV.x264-KILLERS.en.rar 2015-11-08 21:14 - 2015-11-08 21:14 - 00015594 _____ C:\Users\tobias\Downloads\The.100.S02E14.HDTV.x264-KILLERS.en.rar 2015-11-08 14:48 - 2015-11-08 14:48 - 00000000 ____D C:\Users\tobias\Downloads\Various artists 2015-11-08 14:45 - 2015-11-08 14:45 - 157505792 _____ C:\Users\tobias\Downloads\AmazonMusicDownload.zip 2015-11-08 10:24 - 2015-11-08 10:24 - 00012921 _____ C:\Users\tobias\Downloads\The.100.S02E13.HDTV.x264-KILLERS.en.rar 2015-11-08 09:19 - 2015-11-08 09:11 - 00018116 _____ C:\Users\tobias\Downloads\The.100.S02E12.720p.HDTV.X264-DIMENSION.en.rar 2015-11-04 09:53 - 2015-11-04 09:53 - 00000000 ____D C:\Users\tobias\AppData\Local\CEF 2015-11-04 09:50 - 2015-11-07 12:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-04 09:50 - 2015-11-04 09:50 - 00002007 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-11-04 09:50 - 2015-11-04 09:50 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-11-03 18:51 - 2015-11-03 18:51 - 00000833 _____ C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2015-11-03 18:51 - 2015-11-03 18:51 - 00000785 _____ C:\Users\tobias\Desktop\Start Tor Browser.lnk 2015-11-03 18:49 - 2015-11-08 08:59 - 00000000 ____D C:\Users\tobias\Desktop\Tor Browser 2015-11-03 18:47 - 2015-11-03 18:48 - 44189792 _____ C:\Users\tobias\Downloads\torbrowser-install-5.0.3_de.exe 2015-11-01 17:02 - 2015-11-08 09:09 - 00000073 _____ C:\Users\tobias\Desktop\Note_2015_11_01.txt 2015-10-27 16:45 - 2015-10-27 16:45 - 00000967 _____ C:\Users\Public\Desktop\ownCloud.lnk 2015-10-23 16:33 - 2015-05-06 05:58 - 00054157 _____ C:\Users\tobias\Downloads\Person.of.Interest.S04E22.720p.HDTV.X264-DIMENSION.en.srt 2015-10-21 17:03 - 2015-10-21 17:03 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-10-21 17:03 - 2015-10-21 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-10-21 17:02 - 2015-10-21 17:03 - 00000000 ____D C:\Program Files\iTunes 2015-10-21 17:02 - 2015-10-21 17:02 - 00000000 ____D C:\Program Files\iPod 2015-10-21 17:02 - 2015-10-21 17:02 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-10-21 16:56 - 2015-10-21 16:56 - 00000000 ____D C:\Program Files\Bonjour 2015-10-21 16:56 - 2015-10-21 16:56 - 00000000 ____D C:\Program Files (x86)\Bonjour 2015-10-21 16:55 - 2015-10-21 16:55 - 00000000 ____D C:\windows\System32\Tasks\Apple 2015-10-21 16:55 - 2015-10-21 16:55 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2015-10-19 08:30 - 2015-10-19 08:30 - 00001083 _____ C:\Users\Public\Desktop\Sync-my-L2P.lnk 2015-10-19 08:30 - 2015-10-19 08:30 - 00000000 ____D C:\Users\tobias\AppData\Local\Sync-my-L2P 2015-10-19 08:30 - 2015-10-19 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sync-my-L2P 2015-10-19 08:30 - 2015-10-19 08:30 - 00000000 ____D C:\Program Files (x86)\SyncMyL2P-2.1.1 2015-10-17 09:35 - 2015-11-07 16:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-16 13:51 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2015-10-16 13:51 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-10-16 13:51 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-14 21:36 - 2015-06-16 21:22 - 00001228 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001UA.job 2015-11-14 21:27 - 2012-11-09 08:05 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-11-14 21:18 - 2012-03-14 00:00 - 01830024 _____ C:\windows\WindowsUpdate.log 2015-11-14 12:04 - 2012-03-13 22:23 - 00000000 ___RD C:\Users\tobias\Documents\Dropbox 2015-11-14 12:04 - 2012-03-13 22:22 - 00000000 ____D C:\Users\tobias\AppData\Roaming\Dropbox 2015-11-14 11:50 - 2013-12-25 08:26 - 00000000 ___RD C:\Users\tobias\Documents\SkyDrive 2015-11-14 11:40 - 2009-07-14 05:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-14 11:40 - 2009-07-14 05:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-14 11:33 - 2015-02-06 15:05 - 00000000 ____D C:\Users\tobias\AppData\Local\ownCloud 2015-11-14 11:29 - 2015-03-16 15:38 - 00041841 _____ C:\windows\setupact.log 2015-11-14 11:29 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-11-13 19:04 - 2011-12-24 21:38 - 00705560 _____ C:\windows\system32\perfh007.dat 2015-11-13 19:04 - 2011-12-24 21:38 - 00151670 _____ C:\windows\system32\perfc007.dat 2015-11-13 19:04 - 2009-07-14 06:13 - 01631052 _____ C:\windows\system32\PerfStringBackup.INI 2015-11-13 16:38 - 2012-03-13 15:46 - 00003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{FF903F77-4601-4548-B46C-66713F277F03} 2015-11-13 04:22 - 2015-02-15 11:26 - 00000000 ____D C:\windows\rescache 2015-11-13 03:20 - 2009-07-14 05:45 - 00552248 _____ C:\windows\system32\FNTCACHE.DAT 2015-11-12 23:35 - 2015-06-16 21:22 - 00001176 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001Core.job 2015-11-12 18:42 - 2015-02-06 15:07 - 00000000 ____D C:\Users\tobias\Documents\ownCloud 2015-11-12 18:18 - 2015-04-07 19:32 - 00222710 _____ C:\windows\PFRO.log 2015-11-12 16:52 - 2012-03-16 10:24 - 00000000 ____D C:\Users\tobias\AppData\Roaming\vlc 2015-11-12 11:26 - 2013-08-08 14:56 - 00000000 ____D C:\windows\system32\MRT 2015-11-12 11:02 - 2012-03-14 19:27 - 145617392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-11-12 10:58 - 2013-01-12 12:43 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-12 10:40 - 2011-12-24 22:24 - 01609076 _____ C:\windows\SysWOW64\PerfStringBackup.INI 2015-11-12 10:27 - 2011-02-11 06:02 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-12 10:13 - 2015-08-05 19:23 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleFortobias.job 2015-11-11 21:47 - 2014-01-11 16:19 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0 apoEdition 2015-11-11 20:32 - 2015-08-05 19:23 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleFortobias 2015-11-11 20:31 - 2012-03-14 11:00 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log 2015-11-11 17:27 - 2012-11-09 08:05 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-11-11 17:27 - 2012-04-15 15:12 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-11-11 17:27 - 2012-03-16 13:01 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-08 09:00 - 2009-07-14 03:34 - 00000524 _____ C:\windows\win.ini 2015-11-08 08:47 - 2012-05-08 11:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-04 17:22 - 2012-03-17 10:43 - 00000000 ____D C:\Users\tobias\AppData\Local\CrashDumps 2015-11-04 09:53 - 2012-03-16 10:51 - 00000000 ____D C:\Users\tobias\AppData\Local\Adobe 2015-11-04 09:51 - 2014-12-25 15:30 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2015-11-04 09:50 - 2012-03-16 10:48 - 00000000 ____D C:\ProgramData\Adobe 2015-11-03 18:17 - 2012-11-10 10:59 - 00003704 _____ C:\windows\System32\Tasks\Java Update Scheduler 2015-10-27 16:45 - 2015-02-06 15:05 - 00000979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk 2015-10-27 16:45 - 2015-02-06 15:03 - 00000000 ____D C:\Program Files (x86)\ownCloud 2015-10-27 16:19 - 2014-04-08 11:29 - 00002180 _____ C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-10-25 11:11 - 2013-10-28 17:19 - 00000000 ____D C:\ProgramData\Oracle 2015-10-25 11:10 - 2015-10-13 16:32 - 00000000 ____D C:\Users\tobias\.oracle_jre_usage 2015-10-25 11:10 - 2013-10-28 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-25 11:09 - 2014-07-20 11:09 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-25 11:09 - 2013-12-18 22:30 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-25 10:59 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT 2015-10-24 14:32 - 2012-04-13 08:18 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForNBTOBIAS1$ 2015-10-24 14:32 - 2012-04-13 08:18 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForNBTOBIAS1$.job 2015-10-23 15:46 - 2014-12-21 16:04 - 00000000 ____D C:\Users\tobias\AppData\Roaming\Nitro PDF 2015-10-21 17:02 - 2012-03-13 22:32 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-21 16:55 - 2012-03-13 22:32 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-10-19 15:21 - 2013-02-24 15:56 - 00000000 ____D C:\Program Files (x86)\Sync-my-L2P 2015-10-17 09:20 - 2014-12-12 16:33 - 00000000 ____D C:\windows\system32\appraiser 2015-10-17 09:20 - 2014-05-07 08:58 - 00000000 ___SD C:\windows\system32\CompatTel ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-12-28 12:31 - 2013-12-28 12:31 - 5082084 _____ (The Public) C:\Users\tobias\AppData\Roaming\Avisynth.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 5243208 _____ ( ) C:\Users\tobias\AppData\Roaming\AvsP.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 4575156 _____ (ffdshow ) C:\Users\tobias\AppData\Roaming\ffdshow.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 5514668 _____ (LIGHTNING UK!) C:\Users\tobias\AppData\Roaming\Imgburn.exe 2011-02-24 00:10 - 2011-02-24 00:10 - 0020432 _____ (Intel Corporation) C:\Users\tobias\AppData\Roaming\JomCap.dll 2012-03-13 15:28 - 2012-03-13 15:30 - 0055948 _____ () C:\Users\tobias\AppData\Roaming\QWInstall.log 2013-12-28 12:31 - 2013-12-28 12:31 - 7760687 _____ (Boraxsoft) C:\Users\tobias\AppData\Roaming\SetupGFD.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 0642685 _____ (Xvid team ) C:\Users\tobias\AppData\Roaming\xvid.exe 2013-04-02 16:32 - 2014-01-25 14:49 - 0054784 _____ () C:\Users\tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-11 19:43 - 2015-11-11 19:43 - 0002282 _____ () C:\Users\tobias\AppData\Local\recently-used.xbel 2013-10-22 19:45 - 2013-10-22 19:45 - 0000017 _____ () C:\Users\tobias\AppData\Local\resmon.resmoncfg 2015-08-23 08:35 - 2015-08-23 08:35 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-09-19 08:17 - 2014-09-19 08:17 - 0000252 _____ () C:\ProgramData\FastPics.log 2012-03-26 09:15 - 2014-09-23 17:41 - 0000624 _____ () C:\ProgramData\lxdw.log 2014-09-18 15:09 - 2014-09-18 15:10 - 0000248 _____ () C:\ProgramData\lxdwDiagnostics.log 2013-06-28 11:10 - 2013-06-28 11:10 - 0002082 _____ () C:\ProgramData\regid.2002-12.it.k-sol,projectreader_ADBA5736-2070-4B17-8489-5EE61980C4CE.swidtag 2014-09-18 15:09 - 2014-09-18 15:09 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt Einige Dateien in TEMP: ==================== C:\Users\tobias\AppData\Local\Temp\avgnt.exe C:\Users\tobias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyzrelu.dll C:\Users\tobias\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-11 20:46 ==================== Ende von FRST.txt ============================ |
14.11.2015, 21:45 | #7 |
| Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführtCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 durchgeführt von tobias (Administrator) auf NBTOBIAS1 (14-11-2015 21:41:26) Gestartet von C:\Users\tobias\Desktop Geladene Profile: tobias (Verfügbare Profile: tobias) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe (Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Tobit.Software) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe () C:\Program Files (x86)\ownCloud\owncloud.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Akamai Technologies, Inc.) C:\Users\tobias\AppData\Local\Akamai\netsession_win.exe (Dropbox, Inc.) C:\Users\tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Akamai Technologies, Inc.) C:\Users\tobias\AppData\Local\Akamai\netsession_win.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe () C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Razer Inc.) C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-03-01] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated) HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-14] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation) HKLM-x32\...\Run: [HP HD Webcam [Fixed]_Monitor] => C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [267128 2010-11-26] () HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-23] (Apple Inc.) HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2006-11-29] (Ulead Systems, Inc.) HKLM-x32\...\Run: [Diamondback] => C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [228352 2010-04-28] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-07-30] (Autodesk Inc.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X] HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [rfxsrvtray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] () HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Dropbox Update] => C:\Users\tobias\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Akamai NetSession Interface] => C:\Users\tobias\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: G - G:\AutoRun.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {16a9969e-13a0-11e2-b290-e4115b3ba111} - G:\AutoRun.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {610c28cf-6508-11e4-a45f-e4115b3ba111} - I:\DTVP_Launcher.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {afccd57f-2c98-11e5-8394-e4115b3ba111} - I:\AutoRun.exe HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\MountPoints2: {afccd58f-2c98-11e5-8394-e4115b3ba111} - I:\AutoRun.exe HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc.) IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\aclauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\activate_matlab.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\AdAppMgr.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\AdSync.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\agatha christie - peril at end house-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\bejeweled2-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\blasterball3-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\bounce-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\buildalot5-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\cake mania-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\cd_label.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\chuzzle deluxe-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\deactivate_matlab.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\diner dash 2 restaurant rescue-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\drivegreen1-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\farm frenzy-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\fate-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\gameconsole-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\hppa_main.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\iedit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\iedit_.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\insaniquarium-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\ipsecdialer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\jewelquest2-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\jqsolitaire-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\matlab.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\mediaimpression.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\netviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\netviewerk6.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\onplay.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\pdfvista.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\penguins-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\plants vs. zombies-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\polar-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\provider.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\scrconfig.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\scrsetup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\setmtu.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\slideshowplayer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\slingo-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\smkonv.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\softpaqdownloadmanager.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\startstarmoney.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\tmextreme.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\tmshowbiz.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\tunngle.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\udtstart.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\uninstalltool.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\utmstudioframe.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\uwebcam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\virtual villagers - the secret city-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\vpngui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\wedding dash-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" IFEO\zuma-wt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe" Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tobias\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2012-03-14] ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () Startup: C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-11] ShortcutTarget: Dropbox.lnk -> C:\Users\tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-11-11] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{3B4033D6-F242-4ABB-AFF2-4D1ABD9D54B7}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-3842400618-988267013-911341351-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10 SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3842400618-988267013-911341351-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3842400618-988267013-911341351-1001 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07] (Hewlett-Packard) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-25] (Oracle Corporation) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-08-01] (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-25] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-08-01] (Microsoft Corporation.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.) FireFox: ======== FF ProfilePath: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default FF Keyword.URL: FF NetworkProxy: "http", "81.169.187.212" FF NetworkProxy: "http_port", 8000 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\google-images.xml [2014-12-14] FF SearchPlugin: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\google-maps.xml [2014-12-14] FF SearchPlugin: C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\searchplugins\ixquick-ssl.xml [2014-01-16] FF Extension: Avira Browser Safety - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\abs@avira.com [2015-05-13] [ist nicht signiert] FF Extension: Zotero - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\zotero@chnm.gmu.edu.xpi [2015-02-25] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24] FF Extension: DownThemAll! - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-02-05] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-01-27] [ist nicht signiert] FF HKU\S-1-5-21-3842400618-988267013-911341351-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\tobias\AppData\Roaming\Mozilla\Firefox\Profiles\lb2llahf.default\extensions\cliqz@cliqz.com => nicht gefunden ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1129864 2015-07-30] (Autodesk Inc.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-13] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-13] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-13] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros) [Datei ist nicht signiert] S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-06] (Atheros Commnucations) [Datei ist nicht signiert] R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.) S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company) S4 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company) R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [320000 2011-02-07] (Hewlett-Packard) [Datei ist nicht signiert] R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [Datei ist nicht signiert] R2 mitsijm2015; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [968480 2013-10-11] (Autodesk, Inc.) R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software) S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-11] (PDF Complete Inc) R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-03-01] (IDT, Inc.) [Datei ist nicht signiert] S4 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) S4 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2144056 2013-12-11] (TuneUp Software) S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [Datei ist nicht signiert] R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-10-07] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-25] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-10-07] (Avira Operations GmbH & Co. KG) S3 bthathfax; C:\Windows\System32\DRIVERS\bthathfax.sys [75424 2011-01-06] (Microsoft Corporation) S3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] () S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-05-10] (Hewlett-Packard Company) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-28] (hxxp://libusb-win32.sourceforge.net) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.) R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.) R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd) S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2612728 2011-02-12] (Sunplus Technology) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2012-02-09] (TuneUp Software) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-10-10] (Cisco Systems, Inc.) S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X] S4 RTWTKRNL; \??\C:\windows\system32\drivers\rtwtkrnl.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-14 21:41 - 2015-11-14 21:42 - 00040199 _____ C:\Users\tobias\Desktop\FRST.txt 2015-11-14 21:40 - 2015-11-14 21:40 - 00001014 _____ C:\Users\tobias\Desktop\checkup.txt 2015-11-14 21:21 - 2015-11-14 21:21 - 00852720 _____ C:\Users\tobias\Desktop\SecurityCheck.exe 2015-11-14 13:26 - 2015-11-14 13:26 - 00002770 _____ C:\windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 2015-11-14 11:50 - 2015-11-14 11:50 - 00000000 ___HD C:\OneDriveTemp 2015-11-14 11:29 - 2015-11-14 11:30 - 00001078 _____ C:\windows\system32dbgraw.bmp 2015-11-13 21:01 - 2015-11-13 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-13 20:53 - 2015-11-13 20:53 - 00000015 _____ C:\Users\tobias\Desktop\Neues Textdokument.txt 2015-11-12 19:26 - 2015-11-12 19:26 - 00000000 ____D C:\Program Files (x86)\ESET 2015-11-12 19:23 - 2015-11-14 21:41 - 00000000 ____D C:\FRST 2015-11-12 19:02 - 2015-11-12 19:02 - 02870984 _____ (ESET) C:\Users\tobias\Desktop\esetsmartinstaller_deu.exe 2015-11-12 18:53 - 2015-11-12 18:53 - 02198528 _____ (Farbar) C:\Users\tobias\Desktop\FRST64.exe 2015-11-12 18:31 - 2015-11-12 18:38 - 00000000 ____D C:\AdwCleaner 2015-11-12 17:34 - 2015-11-12 18:24 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-12 17:32 - 2015-11-12 19:26 - 00000000 ____D C:\Users\tobias\Desktop\ReportsVirenScan 2015-11-12 16:56 - 2015-11-12 16:56 - 00001062 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-12 16:56 - 2015-11-12 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-12 16:56 - 2015-11-12 16:56 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-12 16:56 - 2015-11-12 16:56 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-12 16:56 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2015-11-12 16:56 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-11-12 16:56 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2015-11-12 16:49 - 2015-11-12 16:49 - 01798976 _____ (Malwarebytes) C:\Users\tobias\Desktop\JRT.exe 2015-11-12 16:31 - 2015-11-12 16:31 - 01712128 _____ C:\Users\tobias\Desktop\AdwCleaner_5.019.exe 2015-11-12 13:56 - 2015-11-12 13:57 - 00000000 ____D C:\Users\tobias\Downloads\Literatur TVT Tim 2015-11-12 11:08 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-11-11 19:43 - 2015-11-11 19:43 - 00002282 _____ C:\Users\tobias\AppData\Local\recently-used.xbel 2015-11-11 16:51 - 2015-11-11 16:51 - 00000000 ____D C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-11 12:46 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-11-11 12:46 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-11-11 12:46 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-11-11 12:46 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll 2015-11-11 12:46 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-11-11 12:46 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2015-11-11 12:46 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-11-11 12:46 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2015-11-11 12:45 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-11-11 12:45 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-11-11 12:45 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-11-11 12:45 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-11-11 12:45 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-11-11 12:45 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-11-11 12:45 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-11-11 12:45 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-11-11 12:45 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-11-11 12:45 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-11-11 12:45 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-11-11 12:45 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-11-11 12:45 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-11-11 12:45 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-11-11 12:45 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-11-11 12:45 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-11-11 12:45 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-11-11 12:45 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-11-11 12:45 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-11-11 12:45 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-11-11 12:45 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-11-11 12:45 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-11-11 12:45 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-11-11 12:45 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-11-11 12:45 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-11-11 12:45 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-11-11 12:45 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-11-11 12:45 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-11-11 12:45 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-11-11 12:45 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-11-11 12:45 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-11-11 12:45 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2015-11-11 12:45 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-11-11 12:45 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-11-11 12:45 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-11-11 12:45 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-11-11 12:45 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-11-11 12:45 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-11-11 12:45 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-11-11 12:45 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-11-11 12:45 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2015-11-11 12:45 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-11-11 12:45 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-11-11 12:45 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-11-11 12:45 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-11-11 12:45 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-11-11 12:45 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-11 12:45 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-11-11 12:45 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-11-11 12:45 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-11-11 12:45 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-11-11 12:45 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-11-11 12:45 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2015-11-11 12:45 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-11-11 12:45 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2015-11-11 12:45 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-11-11 12:45 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-11-11 12:45 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-11-11 12:45 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-11-11 12:45 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-11-11 12:45 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-11-11 12:45 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-11-11 12:45 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-11-11 12:45 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-11-11 12:44 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-11-11 12:44 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-11-11 12:44 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-11-11 12:44 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-11-11 12:44 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-11-11 12:44 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-11-11 12:44 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-11-11 12:44 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-11-11 12:44 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-11-11 12:44 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-11-11 12:44 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-11-11 12:44 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-11-11 12:44 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-11-11 12:44 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-11-11 12:44 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-11-11 12:44 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-11-11 12:44 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-11-11 12:44 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-11-11 12:44 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-11-11 12:44 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2015-11-11 12:44 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 12:44 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-11 12:44 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-11-11 12:44 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll 2015-11-11 12:44 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll 2015-11-11 12:43 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-11-11 12:43 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-11-11 12:43 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-11 12:43 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-11-11 12:43 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-11-11 12:43 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-11 12:43 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys 2015-11-11 12:43 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys 2015-11-11 12:42 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll 2015-11-11 12:42 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll 2015-11-11 12:42 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe 2015-11-11 12:42 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll 2015-11-11 12:42 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll 2015-11-11 12:42 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll 2015-11-11 12:42 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe 2015-11-11 12:42 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys 2015-11-11 12:42 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll 2015-11-11 12:42 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll 2015-11-11 12:42 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll 2015-11-08 21:15 - 2015-11-08 21:15 - 00016751 _____ C:\Users\tobias\Downloads\The.100.S02E15.HDTV.x264-KILLERS.en.rar 2015-11-08 21:15 - 2015-11-08 21:15 - 00014062 _____ C:\Users\tobias\Downloads\The.100.S02E16.HDTV.x264-KILLERS.en.rar 2015-11-08 21:14 - 2015-11-08 21:14 - 00015594 _____ C:\Users\tobias\Downloads\The.100.S02E14.HDTV.x264-KILLERS.en.rar 2015-11-08 14:48 - 2015-11-08 14:48 - 00000000 ____D C:\Users\tobias\Downloads\Various artists 2015-11-08 14:45 - 2015-11-08 14:45 - 157505792 _____ C:\Users\tobias\Downloads\AmazonMusicDownload.zip 2015-11-08 10:24 - 2015-11-08 10:24 - 00012921 _____ C:\Users\tobias\Downloads\The.100.S02E13.HDTV.x264-KILLERS.en.rar 2015-11-08 09:19 - 2015-11-08 09:11 - 00018116 _____ C:\Users\tobias\Downloads\The.100.S02E12.720p.HDTV.X264-DIMENSION.en.rar 2015-11-04 09:53 - 2015-11-04 09:53 - 00000000 ____D C:\Users\tobias\AppData\Local\CEF 2015-11-04 09:50 - 2015-11-07 12:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-04 09:50 - 2015-11-04 09:50 - 00002007 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-11-04 09:50 - 2015-11-04 09:50 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-11-03 18:51 - 2015-11-03 18:51 - 00000833 _____ C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2015-11-03 18:51 - 2015-11-03 18:51 - 00000785 _____ C:\Users\tobias\Desktop\Start Tor Browser.lnk 2015-11-03 18:49 - 2015-11-08 08:59 - 00000000 ____D C:\Users\tobias\Desktop\Tor Browser 2015-11-03 18:47 - 2015-11-03 18:48 - 44189792 _____ C:\Users\tobias\Downloads\torbrowser-install-5.0.3_de.exe 2015-11-01 17:02 - 2015-11-08 09:09 - 00000073 _____ C:\Users\tobias\Desktop\Note_2015_11_01.txt 2015-10-27 16:45 - 2015-10-27 16:45 - 00000967 _____ C:\Users\Public\Desktop\ownCloud.lnk 2015-10-23 16:33 - 2015-05-06 05:58 - 00054157 _____ C:\Users\tobias\Downloads\Person.of.Interest.S04E22.720p.HDTV.X264-DIMENSION.en.srt 2015-10-21 17:03 - 2015-10-21 17:03 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-10-21 17:03 - 2015-10-21 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-10-21 17:02 - 2015-10-21 17:03 - 00000000 ____D C:\Program Files\iTunes 2015-10-21 17:02 - 2015-10-21 17:02 - 00000000 ____D C:\Program Files\iPod 2015-10-21 17:02 - 2015-10-21 17:02 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-10-21 16:56 - 2015-10-21 16:56 - 00000000 ____D C:\Program Files\Bonjour 2015-10-21 16:56 - 2015-10-21 16:56 - 00000000 ____D C:\Program Files (x86)\Bonjour 2015-10-21 16:55 - 2015-10-21 16:55 - 00000000 ____D C:\windows\System32\Tasks\Apple 2015-10-21 16:55 - 2015-10-21 16:55 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2015-10-19 08:30 - 2015-10-19 08:30 - 00001083 _____ C:\Users\Public\Desktop\Sync-my-L2P.lnk 2015-10-19 08:30 - 2015-10-19 08:30 - 00000000 ____D C:\Users\tobias\AppData\Local\Sync-my-L2P 2015-10-19 08:30 - 2015-10-19 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sync-my-L2P 2015-10-19 08:30 - 2015-10-19 08:30 - 00000000 ____D C:\Program Files (x86)\SyncMyL2P-2.1.1 2015-10-17 09:35 - 2015-11-07 16:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-16 13:51 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2015-10-16 13:51 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-10-16 13:51 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2015-10-16 13:51 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-14 21:36 - 2015-06-16 21:22 - 00001228 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001UA.job 2015-11-14 21:27 - 2012-11-09 08:05 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-11-14 21:18 - 2012-03-14 00:00 - 01830024 _____ C:\windows\WindowsUpdate.log 2015-11-14 12:04 - 2012-03-13 22:23 - 00000000 ___RD C:\Users\tobias\Documents\Dropbox 2015-11-14 12:04 - 2012-03-13 22:22 - 00000000 ____D C:\Users\tobias\AppData\Roaming\Dropbox 2015-11-14 11:50 - 2013-12-25 08:26 - 00000000 ___RD C:\Users\tobias\Documents\SkyDrive 2015-11-14 11:40 - 2009-07-14 05:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-14 11:40 - 2009-07-14 05:45 - 00031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-14 11:33 - 2015-02-06 15:05 - 00000000 ____D C:\Users\tobias\AppData\Local\ownCloud 2015-11-14 11:29 - 2015-03-16 15:38 - 00041841 _____ C:\windows\setupact.log 2015-11-14 11:29 - 2009-07-14 06:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-11-13 19:04 - 2011-12-24 21:38 - 00705560 _____ C:\windows\system32\perfh007.dat 2015-11-13 19:04 - 2011-12-24 21:38 - 00151670 _____ C:\windows\system32\perfc007.dat 2015-11-13 19:04 - 2009-07-14 06:13 - 01631052 _____ C:\windows\system32\PerfStringBackup.INI 2015-11-13 16:38 - 2012-03-13 15:46 - 00003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{FF903F77-4601-4548-B46C-66713F277F03} 2015-11-13 04:22 - 2015-02-15 11:26 - 00000000 ____D C:\windows\rescache 2015-11-13 03:20 - 2009-07-14 05:45 - 00552248 _____ C:\windows\system32\FNTCACHE.DAT 2015-11-12 23:35 - 2015-06-16 21:22 - 00001176 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3842400618-988267013-911341351-1001Core.job 2015-11-12 18:42 - 2015-02-06 15:07 - 00000000 ____D C:\Users\tobias\Documents\ownCloud 2015-11-12 18:18 - 2015-04-07 19:32 - 00222710 _____ C:\windows\PFRO.log 2015-11-12 16:52 - 2012-03-16 10:24 - 00000000 ____D C:\Users\tobias\AppData\Roaming\vlc 2015-11-12 11:26 - 2013-08-08 14:56 - 00000000 ____D C:\windows\system32\MRT 2015-11-12 11:02 - 2012-03-14 19:27 - 145617392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2015-11-12 10:58 - 2013-01-12 12:43 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-12 10:40 - 2011-12-24 22:24 - 01609076 _____ C:\windows\SysWOW64\PerfStringBackup.INI 2015-11-12 10:27 - 2011-02-11 06:02 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-12 10:13 - 2015-08-05 19:23 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleFortobias.job 2015-11-11 21:47 - 2014-01-11 16:19 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0 apoEdition 2015-11-11 20:32 - 2015-08-05 19:23 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleFortobias 2015-11-11 20:31 - 2012-03-14 11:00 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log 2015-11-11 17:27 - 2012-11-09 08:05 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-11-11 17:27 - 2012-04-15 15:12 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-11-11 17:27 - 2012-03-16 13:01 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-08 09:00 - 2009-07-14 03:34 - 00000524 _____ C:\windows\win.ini 2015-11-08 08:47 - 2012-05-08 11:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-04 17:22 - 2012-03-17 10:43 - 00000000 ____D C:\Users\tobias\AppData\Local\CrashDumps 2015-11-04 09:53 - 2012-03-16 10:51 - 00000000 ____D C:\Users\tobias\AppData\Local\Adobe 2015-11-04 09:51 - 2014-12-25 15:30 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2015-11-04 09:50 - 2012-03-16 10:48 - 00000000 ____D C:\ProgramData\Adobe 2015-11-03 18:17 - 2012-11-10 10:59 - 00003704 _____ C:\windows\System32\Tasks\Java Update Scheduler 2015-10-27 16:45 - 2015-02-06 15:05 - 00000979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk 2015-10-27 16:45 - 2015-02-06 15:03 - 00000000 ____D C:\Program Files (x86)\ownCloud 2015-10-27 16:19 - 2014-04-08 11:29 - 00002180 _____ C:\Users\tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-10-25 11:11 - 2013-10-28 17:19 - 00000000 ____D C:\ProgramData\Oracle 2015-10-25 11:10 - 2015-10-13 16:32 - 00000000 ____D C:\Users\tobias\.oracle_jre_usage 2015-10-25 11:10 - 2013-10-28 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-25 11:09 - 2014-07-20 11:09 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-25 11:09 - 2013-12-18 22:30 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-25 10:59 - 2009-07-14 06:08 - 00032640 _____ C:\windows\Tasks\SCHEDLGU.TXT 2015-10-24 14:32 - 2012-04-13 08:18 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForNBTOBIAS1$ 2015-10-24 14:32 - 2012-04-13 08:18 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForNBTOBIAS1$.job 2015-10-23 15:46 - 2014-12-21 16:04 - 00000000 ____D C:\Users\tobias\AppData\Roaming\Nitro PDF 2015-10-21 17:02 - 2012-03-13 22:32 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-21 16:55 - 2012-03-13 22:32 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-10-19 15:21 - 2013-02-24 15:56 - 00000000 ____D C:\Program Files (x86)\Sync-my-L2P 2015-10-17 09:20 - 2014-12-12 16:33 - 00000000 ____D C:\windows\system32\appraiser 2015-10-17 09:20 - 2014-05-07 08:58 - 00000000 ___SD C:\windows\system32\CompatTel ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-12-28 12:31 - 2013-12-28 12:31 - 5082084 _____ (The Public) C:\Users\tobias\AppData\Roaming\Avisynth.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 5243208 _____ ( ) C:\Users\tobias\AppData\Roaming\AvsP.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 4575156 _____ (ffdshow ) C:\Users\tobias\AppData\Roaming\ffdshow.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 5514668 _____ (LIGHTNING UK!) C:\Users\tobias\AppData\Roaming\Imgburn.exe 2011-02-24 00:10 - 2011-02-24 00:10 - 0020432 _____ (Intel Corporation) C:\Users\tobias\AppData\Roaming\JomCap.dll 2012-03-13 15:28 - 2012-03-13 15:30 - 0055948 _____ () C:\Users\tobias\AppData\Roaming\QWInstall.log 2013-12-28 12:31 - 2013-12-28 12:31 - 7760687 _____ (Boraxsoft) C:\Users\tobias\AppData\Roaming\SetupGFD.exe 2013-12-28 12:31 - 2013-12-28 12:31 - 0642685 _____ (Xvid team ) C:\Users\tobias\AppData\Roaming\xvid.exe 2013-04-02 16:32 - 2014-01-25 14:49 - 0054784 _____ () C:\Users\tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-11 19:43 - 2015-11-11 19:43 - 0002282 _____ () C:\Users\tobias\AppData\Local\recently-used.xbel 2013-10-22 19:45 - 2013-10-22 19:45 - 0000017 _____ () C:\Users\tobias\AppData\Local\resmon.resmoncfg 2015-08-23 08:35 - 2015-08-23 08:35 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-09-19 08:17 - 2014-09-19 08:17 - 0000252 _____ () C:\ProgramData\FastPics.log 2012-03-26 09:15 - 2014-09-23 17:41 - 0000624 _____ () C:\ProgramData\lxdw.log 2014-09-18 15:09 - 2014-09-18 15:10 - 0000248 _____ () C:\ProgramData\lxdwDiagnostics.log 2013-06-28 11:10 - 2013-06-28 11:10 - 0002082 _____ () C:\ProgramData\regid.2002-12.it.k-sol,projectreader_ADBA5736-2070-4B17-8489-5EE61980C4CE.swidtag 2014-09-18 15:09 - 2014-09-18 15:09 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt Einige Dateien in TEMP: ==================== C:\Users\tobias\AppData\Local\Temp\avgnt.exe C:\Users\tobias\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyzrelu.dll C:\Users\tobias\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-11 20:46 ==================== Ende von FRST.txt ============================ |
15.11.2015, 06:55 | #8 |
/// the machine /// TB-Ausbilder | Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführt Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\tobias\AppData\Local\Mozilla\Firefox\Profiles\lb2llahf.default\cache2\entries\8494D8B42E33F037E2F95457A4F5132A420EB71D C:\Windows\Installer\cac77.msi Emptytemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Und falls Du mit dem Gedanken spielst den Rechner zum Toaster umzubauen unbedingt Tune Up weiter nutzen Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde: Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen. Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung: Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional: NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen. Lade Software von einem sauberen Portal wie . Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
15.11.2015, 10:35 | #9 |
| Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführt Alles klar! Tune Up ist deinstalliert. Vielen Dank für die Hilfe! Hier der Fixlog (Ich denke, dass der Ordner "lb2llahf.default\cache2\entries" nicht gefunden wurde, liegt daran, dass ich gestern das "Löschen der Chronik nach jeder Sitzung" eingestellt habe) Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015 durchgeführt von tobias (2015-11-15 10:13:29) Run:1 Gestartet von C:\Users\tobias\Desktop Geladene Profile: tobias (Verfügbare Profile: tobias) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** C:\Users\tobias\AppData\Local\Mozilla\Firefox\Profiles\lb2llahf.default\cache2\entries\8494D8B42E33F037E2F95457A4F5132A420EB71D C:\Windows\Installer\cac77.msi Emptytemp: ***************** "C:\Users\tobias\AppData\Local\Mozilla\Firefox\Profiles\lb2llahf.default\cache2\entries\8494D8B42E33F037E2F95457A4F5132A420EB71D" => nicht gefunden. C:\Windows\Installer\cac77.msi => erfolgreich verschoben EmptyTemp: => 774.8 MB temporäre Dateien entfernt. Das System musste neu gestartet werden. ==== Ende von Fixlog 10:14:59 ==== |
15.11.2015, 15:40 | #10 |
/// the machine /// TB-Ausbilder | Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführt passt
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Win7 Avira Meldung PUA/InstallMonetizer.Gen, weiteren Scan mit mbam durchgeführt |
askbar, avira, browser, desktop, dllhost.exe, einstellungen, google, iexplore.exe, infizierte, internet, internet explorer, launch, modul, mozilla, programm, proxy, prozesse, pua/installmonetizer.gen, registry, scan, services.exe, software, svchost.exe, temp, usb, warnung, windows, winlogon.exe, wmp |