
Log analysis and evaluation: Tohotweb.com Virus

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

14.11.2015, 11:09   #1
SimoneW
 

Hello there,

I somehow caught the Tohotweb.com virus. It sets itself as the start page in the browsers, no matter which browser I open, whether Internet Explorer or Google Chrome. However, it is not entered as the start page.
And pop-up windows with advertising keep opening. Google Chrome, for example, has a pop-up blocker built in. This must come from this virus, and it is annoying that when I search for something on the internet I have to click all the windows away.
On top of all that, the computer becomes extremely slow and Windows takes a long time to start. When it boots I sometimes see only a black screen for 5 minutes, and then at some point it boots up completely.

The virus scanner finds nothing, except for junkware that keeps turning up. It dutifully finds and deletes that. However, it finds nothing more.

There are many guides going around on how to remove this virus, but none of them help.

Removing from the computer:
They say to go to uninstall programs, sort by date, look for this Tohotweb.com virus and delete unknown programs. I deleted unknown programs, but I cannot find this Tohotweb.com there.
Then I went into regedit, and under user -> Microsoft -> Internet Explorer -> Main there was supposed to be some random entry. But there isn't one on my machine.
Even in safe mode I find nothing, and neither does the virus scanner.

Everyone keeps pointing to Spyhunter. It finds countless viruses, and at first glance I can't quite believe that. And then when I want to remove them I am supposed to pay. The program does not make a good impression on me, so I removed it again.

Removing from the browsers:
In Google Chrome -> Settings -> Advanced, deleted unknown programs. Even deleting the whole profile and resetting the settings did not help.

I am really at a loss and would actually like to avoid completely reinstalling my laptop.

I don't know what key data you need?

Virus scanner: G DATA
Laptop: Acer Aspire V 15 Nitro

14.11.2015, 11:19   #2
schrauber
/// the machine
/// TB trainer
 


hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


14.11.2015, 11:34   #3
SimoneW
 

FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Simone (Administrator) auf SIMONE-PC (14-11-2015 11:27:13)
Gestartet von C:\Users\Simone\Downloads
Geladene Profile: Simone (Verfügbare Profile: Simone)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Nemetschek Allplan Systems GmbH) C:\Program Files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKAE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKAE.EXE
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\GUI\GDSC.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVK.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-08-26] (Geek Software GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-01-19] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [Epson Stylus SX525WD(Netzwerk)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-10-19] (SUPERAntiSpyware)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-08-02] (Microsoft Corporation)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9-x64 01 C:\Windows\system32\acengine64.dll [308144 2015-11-07] (Abengine)
Winsock: Catalog9-x64 02 C:\Windows\system32\acengine64.dll [308144 2015-11-07] (Abengine)
Winsock: Catalog9-x64 03 C:\Windows\system32\acengine64.dll [308144 2015-11-07] (Abengine)
Winsock: Catalog9-x64 04 C:\Windows\system32\acengine64.dll [308144 2015-11-07] (Abengine)
Winsock: Catalog9-x64 16 C:\Windows\system32\acengine64.dll [308144 2015-11-07] (Abengine)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F9667D8B-BE2A-4987-91C3-25554B84692C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.tohotweb.com?oem=sunadusv4&uid=W77082F6_ST1000LM014-1EJ164&tm=1446659530
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.tohotweb.com?oem=sunadusv4&uid=W77082F6_ST1000LM014-1EJ164&tm=1446659530
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_31&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0CzytA0AtB0FyBtAyC0AtAyEzyzyyDtN0D0Tzu0StCtAtDzytN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEzzzy0AyC0EtB0EtGtDzytA0DtGtAtDyC0FtGtB0DtCtCtG0F0BtD0FyB0FyE0EtByByE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0AyEtDtB0F0DtDtGyE0AtA0BtGyE0BtBzztGzz0B0CtBtGtCtC0B0EtCtA0EtB0CyE0E0D2QtN0A0LzuyE%26cr%3D295985657%26a%3Dwncy_ir_15_31%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_31&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0CzytA0AtB0FyBtAyC0AtAyEzyzyyDtN0D0Tzu0StCtAtDzytN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEzzzy0AyC0EtB0EtGtDzytA0DtGtAtDyC0FtGtB0DtCtCtG0F0BtD0FyB0FyE0EtByByE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0AyEtDtB0F0DtDtGyE0AtA0BtGyE0BtBzztGzz0B0CtBtGtCtC0B0EtCtA0EtB0CyE0E0D2QtN0A0LzuyE%26cr%3D295985657%26a%3Dwncy_ir_15_31%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4133458633-780925660-3275413234-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-4133458633-780925660-3275413234-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe www.tohotweb.com?oem=sunadusv4&uid=W77082F6_ST1000LM014-1EJ164&tm=1446659530

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)

Chrome: 
=======
CHR StartupUrls: Profile 2 -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-31]
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-31]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-31]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-10]
CHR Extension: (EasyCalendar) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-11-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-31]
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-06]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-06]
CHR Extension: (Adguard Werbeblocker) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-06]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-07]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-06]
CHR Extension: (EasyCalendar) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-06]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-06]
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-13]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-13]
CHR Extension: (Popup Blocker Pro) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kiodaajmphnkcajieajajinghpejdjai [2015-11-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-13]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1136520 2015-09-07] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 AllplanUpdateLauncher 2014; C:\Program Files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe [16680 2014-05-24] (Nemetschek Allplan Systems GmbH)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [309376 2015-01-30] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2528888 2015-04-16] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-03] (Dropbox, Inc.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-27] (SafeNet Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-09-13] (Robert McNeel & Associates)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S2 NetTcpHandler; C:\Users\Simone\AppData\Roaming\NetService\netservice.exe [173088 2015-07-09] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-07-31] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-07-31] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-07-31] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-07-31] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-07-31] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-08-02] (G Data Software)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-07-31] (G Data Software AG)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2013-12-05] (Paragon Software Group)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvpciflt; \SystemRoot\system32\DRIVERS\nvpciflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-14 11:27 - 2015-11-14 11:28 - 00035322 _____ C:\Users\Simone\Downloads\FRST.txt
2015-11-14 11:25 - 2015-11-14 11:27 - 00000000 ____D C:\FRST
2015-11-14 11:24 - 2015-11-14 11:24 - 02198528 _____ (Farbar) C:\Users\Simone\Downloads\FRST64.exe
2015-11-14 11:22 - 2015-11-14 11:23 - 00000474 _____ C:\Users\Simone\Downloads\defogger_disable.log
2015-11-14 11:22 - 2015-11-14 11:22 - 00000000 _____ C:\Users\Simone\defogger_reenable
2015-11-14 11:21 - 2015-11-14 11:21 - 00050477 _____ C:\Users\Simone\Downloads\Defogger.exe
2015-11-14 00:42 - 2015-11-14 10:22 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task fa6580af-9a07-4eac-975d-6d3beed7a430.job
2015-11-14 00:42 - 2015-11-14 10:22 - 00000512 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4397d9eb-cff4-4700-a7dc-a5aca2a4a35f.job
2015-11-14 00:42 - 2015-11-14 00:42 - 00003590 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 4397d9eb-cff4-4700-a7dc-a5aca2a4a35f
2015-11-14 00:42 - 2015-11-14 00:42 - 00003516 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task fa6580af-9a07-4eac-975d-6d3beed7a430
2015-11-14 00:42 - 2015-11-14 00:42 - 00001814 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-11-14 00:42 - 2015-11-14 00:42 - 00000000 ____D C:\Users\Simone\AppData\Roaming\SUPERAntiSpyware.com
2015-11-14 00:42 - 2015-11-14 00:42 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-11-14 00:42 - 2015-11-14 00:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-11-14 00:42 - 2015-11-14 00:42 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-11-14 00:41 - 2015-11-14 00:41 - 00000085 _____ C:\Windows\wininit.ini
2015-11-14 00:36 - 2015-11-14 00:36 - 00002762 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-11-14 00:33 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20151114-003354.backup
2015-11-14 00:25 - 2015-11-14 00:25 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-14 00:25 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-11-14 00:17 - 2015-11-14 00:41 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-11-14 00:17 - 2015-11-14 00:17 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-11-14 00:16 - 2015-11-14 10:21 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-11-13 21:08 - 2015-11-13 21:08 - 00003174 _____ C:\Windows\System32\Tasks\{75E8A2F2-E9BC-46BC-BE92-2D693A7F8AF2}
2015-11-13 21:07 - 2015-11-13 21:07 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Macromedia
2015-11-13 19:47 - 2015-11-13 22:18 - 00000608 __RSH C:\ProgramData\ntuser.pol
2015-11-13 19:46 - 2015-11-13 19:46 - 00003416 ____N C:\bootsqm.dat
2015-11-13 19:44 - 2015-11-13 19:44 - 00000000 __SHD C:\found.000
2015-11-13 10:31 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 15:01 - 2015-11-12 15:01 - 00262144 ____N C:\Windows\Minidump\111215-11185-01.dmp
2015-11-12 15:01 - 2015-11-12 15:01 - 00000000 ____D C:\Windows\Minidump
2015-11-12 08:30 - 2015-11-12 08:30 - 00001112 _____ C:\Users\Public\Desktop\EnerCalC.lnk
2015-11-12 08:30 - 2015-11-12 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnerCalC
2015-11-12 08:30 - 2015-11-12 08:30 - 00000000 ____D C:\Program Files (x86)\EnerCalC
2015-11-11 21:01 - 2015-11-11 21:01 - 00001870 _____ C:\Users\Simone\Desktop\JRT.txt
2015-11-11 19:35 - 2015-11-07 10:24 - 00308144 _____ (Abengine) C:\Windows\system32\acengine64.dll
2015-11-11 19:02 - 2015-11-11 19:02 - 00000000 ____D C:\AdwCleaner
2015-11-11 18:24 - 2015-11-11 18:24 - 00000000 _____ C:\Windows\setuperr.log
2015-11-11 17:41 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 17:41 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 17:41 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 17:41 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 17:41 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 17:41 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 17:41 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 17:41 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 17:41 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 17:41 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 17:41 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 17:41 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 17:41 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 17:41 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 17:41 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 17:41 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 17:41 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 17:41 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 17:41 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll.vir
2015-11-11 17:41 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 17:41 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll.vir
2015-11-11 17:41 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 17:41 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll.vir
2015-11-11 17:41 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 17:41 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 17:41 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll.vir
2015-11-11 17:41 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 17:41 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 17:41 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 17:41 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 17:41 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 17:41 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll.vir
2015-11-11 17:41 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll.vir
2015-11-11 17:41 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 17:41 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 17:41 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 17:41 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 17:41 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 17:41 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 17:41 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 17:41 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 17:41 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 17:41 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 17:41 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 17:41 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 17:41 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 17:41 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 17:41 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 17:41 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 17:41 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 17:41 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 17:41 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 17:41 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 17:41 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 17:40 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 17:40 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 17:40 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 17:40 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 17:40 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 17:40 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 17:40 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 17:40 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 17:40 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 17:40 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 17:40 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 17:40 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 17:40 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 17:40 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 17:40 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 17:40 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 17:40 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 17:40 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 17:40 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 17:40 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 17:40 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 17:40 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 17:40 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 17:40 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 17:40 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 17:40 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 17:40 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 17:40 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 17:40 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 17:40 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 17:40 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 17:39 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 17:39 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 17:39 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 17:39 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 17:39 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 17:39 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 17:39 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 17:39 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 17:39 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 15:42 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-11-10 15:42 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-11-09 22:32 - 2015-11-09 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-06 19:48 - 2015-11-06 19:48 - 00000000 _____ C:\autoexec.bat
2015-11-05 15:22 - 2015-11-05 15:22 - 00000000 ____D C:\Users\Simone\AppData\Roaming\PDAppFlex
2015-11-05 15:21 - 2015-11-05 15:21 - 00003506 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Simone-PC-Simone
2015-11-04 19:14 - 2015-11-04 19:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-11-04 19:09 - 2015-11-04 19:09 - 00001034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk
2015-11-04 19:04 - 2015-11-04 19:11 - 00000000 ____D C:\Program Files\Adobe
2015-11-04 19:03 - 2015-11-04 19:09 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-04 18:57 - 2015-11-14 00:22 - 00000000 ___RD C:\Users\Simone\Creative Cloud Files
2015-11-04 18:54 - 2015-11-04 18:54 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-04 18:54 - 2015-11-04 18:54 - 00001215 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-11-04 18:52 - 2015-11-04 18:52 - 00000000 ____D C:\Users\Simone\AppData\Roaming\shortCutStore
2015-11-04 18:39 - 2015-11-14 10:23 - 00000000 ____D C:\Program Files (x86)\Fast-Search
2015-11-04 18:39 - 2015-11-07 10:24 - 00260752 _____ (Abengine) C:\Windows\SysWOW64\acengine.dll
2015-11-04 18:39 - 2015-11-04 18:40 - 00000002 _____ C:\END
2015-11-04 18:39 - 2015-11-04 18:39 - 00010352 _____ C:\Windows\SysWOW64\acengineOff.ini
2015-11-04 18:39 - 2015-11-04 18:39 - 00010352 _____ C:\Windows\system32\acengineOff.ini
2015-11-04 18:39 - 2015-11-04 18:39 - 00003090 _____ C:\Windows\System32\Tasks\uhy3013
2015-11-04 18:23 - 2015-11-14 00:25 - 00000000 ____D C:\Users\Simone\AppData\Roaming\RunDir
2015-11-04 18:23 - 2015-11-04 18:27 - 00000000 ____D C:\Program Files (x86)\MaxDrivrUpdater
2015-11-04 18:23 - 2015-11-04 18:23 - 00000000 ____D C:\Users\Simone\AppData\Roaming\NetService
2015-11-04 18:23 - 2015-11-04 18:23 - 00000000 ____D C:\Program Files (x86)\MaxDrivrUpdater_v121.7239
2015-11-03 23:21 - 2015-11-14 11:21 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
2015-11-03 23:21 - 2015-11-14 11:21 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
2015-11-03 23:21 - 2015-11-03 23:21 - 00003978 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}
2015-11-03 23:21 - 2015-11-03 23:21 - 00003792 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}
2015-11-03 18:48 - 2015-11-03 19:25 - 00000000 ____D C:\Windows\Panther
2015-11-03 18:47 - 2015-11-14 10:47 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
2015-11-03 18:47 - 2015-11-14 10:47 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
2015-11-03 18:47 - 2015-11-03 18:47 - 00003978 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}
2015-11-03 18:47 - 2015-11-03 18:47 - 00003792 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}
2015-11-02 21:15 - 2015-11-02 21:15 - 00000123 _____ C:\Users\Public\Desktop\Epson Connect Site.url
2015-11-01 22:14 - 2015-11-01 22:14 - 00000052 _____ C:\Users\Simone\Desktop\11.txt
2015-11-01 17:58 - 2015-11-01 18:08 - 00000000 ____D C:\Users\Simone\AppData\Roaming\FFSJ
2015-11-01 16:51 - 2015-11-14 00:21 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-01 16:46 - 2015-11-01 16:46 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Ashampoo
2015-11-01 16:46 - 2015-11-01 16:46 - 00000000 ____D C:\Users\Simone\AppData\Local\ashampoo
2015-11-01 16:45 - 2015-11-01 16:46 - 00000000 ____D C:\ProgramData\Ashampoo
2015-11-01 16:44 - 2015-11-01 22:19 - 00000000 ____D C:\Program Files (x86)\360
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Roaming\sparta111
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sparta
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Local\Sparta
2015-10-26 09:13 - 2015-10-26 09:14 - 00000000 ____D C:\Users\Simone\Desktop\nein Fotos
2015-10-20 20:26 - 2015-10-20 20:26 - 00000964 _____ C:\Users\Simone\Desktop\RegCleaner.lnk
2015-10-20 20:26 - 2015-10-20 20:26 - 00000000 ____D C:\Program Files (x86)\RegCleaner
2015-10-20 19:56 - 2015-10-20 19:56 - 00002106 _____ C:\Users\Public\Desktop\AutoCAD 2016 - Deutsch (German).lnk
2015-10-20 19:48 - 2015-11-11 20:26 - 00000000 ____D C:\Program Files (x86)\Autodesk
2015-10-20 19:43 - 2015-11-11 20:26 - 00000000 ____D C:\Program Files\Autodesk
2015-10-20 19:42 - 2015-11-11 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-20 18:37 - 2015-10-20 18:37 - 00000000 ____D C:\Program Files (x86)\Launch Manager
2015-10-20 18:24 - 2015-10-20 19:55 - 00000000 ____D C:\Autodesk
2015-10-20 16:19 - 2015-10-20 20:05 - 00000000 ____D C:\ProgramData\Autodesk
2015-10-19 22:01 - 2015-10-19 22:01 - 00000000 ____D C:\ProgramData\FARO
2015-10-19 21:57 - 2015-10-19 21:57 - 00000000 ____D C:\Users\Simone\Documents\Inventor Server SDK ACAD 2016
2015-10-19 21:56 - 2015-10-19 21:56 - 00000133 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-19 20:53 - 2015-10-19 21:03 - 00001531 _____ C:\Windows\SysWOW64\debug.log
2015-10-18 16:05 - 2015-10-18 16:16 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Grasshopper
2015-10-18 15:59 - 2015-10-18 15:59 - 00000000 ____D C:\Users\Simone\AppData\Local\3dmouse
2015-10-18 15:58 - 2015-10-18 15:58 - 00000000 ____D C:\Users\Simone\AppData\Roaming\McNeel
2015-10-18 15:58 - 2015-10-18 15:58 - 00000000 ____D C:\Users\Simone\AppData\Local\McNeel
2015-10-18 15:57 - 2015-10-18 15:58 - 00000000 ____D C:\ProgramData\McNeel
2015-10-18 15:57 - 2015-10-18 15:57 - 00001088 _____ C:\Users\Public\Desktop\Rhinoceros 5 (64-bit).lnk
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\Program Files\Rhinoceros 5 (64-bit)
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\Program Files (x86)\McNeelUpdate
2015-10-18 15:31 - 2015-10-18 15:31 - 00000000 ____D C:\Users\Simone\AppData\Roaming\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\Program Files\WinRAR
2015-10-18 12:56 - 2015-10-18 13:03 - 00000000 ____D C:\rhinos

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-14 11:22 - 2015-07-30 21:56 - 00000000 ____D C:\Users\Simone
2015-11-14 11:17 - 2015-08-03 17:38 - 00000646 _____ C:\Windows\Tasks\WebContent AutoUpdate 2014.job
2015-11-14 11:11 - 2015-08-03 13:06 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-14 10:40 - 2015-07-30 21:52 - 01442435 _____ C:\Windows\WindowsUpdate.log
2015-11-14 10:37 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-14 10:37 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-14 10:33 - 2015-08-03 12:49 - 00000000 ____D C:\Users\Simone\AppData\Local\Adobe
2015-11-14 10:32 - 2015-07-31 21:29 - 00000000 ____D C:\Users\Simone\AppData\Local\CrashDumps
2015-11-14 10:29 - 2015-07-31 07:47 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-11-14 10:29 - 2015-07-31 07:47 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-11-14 10:29 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-14 10:25 - 2015-07-31 19:48 - 00006467 _____ C:\Windows\SysWOW64\Gms.log
2015-11-14 10:24 - 2015-08-03 13:08 - 00000000 ___RD C:\Users\Simone\Dropbox
2015-11-14 10:24 - 2015-08-03 13:05 - 00000000 ____D C:\Users\Simone\AppData\Local\Dropbox
2015-11-14 10:23 - 2015-08-03 13:06 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-14 10:23 - 2015-07-31 17:23 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-14 10:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-14 10:22 - 2009-07-14 05:51 - 00068070 _____ C:\Windows\setupact.log
2015-11-14 10:22 - 2009-07-14 05:45 - 00549576 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-14 10:21 - 2015-07-31 17:43 - 17223144 _____ C:\Windows\PFRO.log
2015-11-14 01:44 - 2015-07-31 17:54 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-13 17:45 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-11-13 10:28 - 2015-07-31 21:11 - 00000000 ____D C:\Users\Simone\AppData\Roaming\vlc
2015-11-12 15:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 20:05 - 2015-07-31 17:39 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 20:00 - 2015-07-31 17:39 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 19:59 - 2015-08-09 11:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 19:59 - 2015-08-01 23:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 19:45 - 2009-07-14 08:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 19:45 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-11-11 00:02 - 2015-07-31 17:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-11 00:02 - 2015-07-31 17:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-11 00:02 - 2015-07-31 17:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-09 22:32 - 2015-08-03 13:06 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-05 15:48 - 2015-08-01 23:00 - 00000000 ____D C:\Users\Simone\AppData\Local\Microsoft Help
2015-11-05 15:47 - 2015-09-10 07:41 - 00000000 ___HD C:\$Windows.~BT
2015-11-04 19:14 - 2015-08-03 12:49 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Adobe
2015-11-04 19:11 - 2015-08-03 12:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-04 19:09 - 2015-08-03 12:48 - 00000000 ____D C:\ProgramData\Adobe
2015-11-04 19:04 - 2015-07-31 18:22 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-04 18:52 - 2015-07-30 21:56 - 00001242 _____ C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-04 18:52 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-11-04 18:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-03 20:31 - 2015-08-12 16:52 - 00001386 _____ C:\Users\Public\Desktop\EPSON-Handbücher.lnk
2015-11-02 21:16 - 2015-07-31 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-11-02 21:14 - 2015-07-31 21:22 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-11-02 21:13 - 2015-07-31 21:22 - 00000000 ____D C:\ProgramData\EPSON
2015-11-02 21:12 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-11-02 08:31 - 2015-08-03 17:38 - 00000490 _____ C:\Windows\Tasks\AutoUpdate Allplan 2014.job
2015-11-01 22:28 - 2015-08-03 17:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 18:44 - 2015-07-31 21:41 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Epson
2015-10-25 16:37 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-21 21:32 - 2015-08-04 11:35 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-10-20 20:01 - 2015-08-04 11:40 - 00000000 ____D C:\Users\Simone\Documents\Autodesk Application Manager
2015-10-20 19:47 - 2015-07-31 16:42 - 00156568 _____ C:\Users\Simone\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-20 19:46 - 2015-08-04 21:01 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2015-10-20 19:46 - 2015-08-04 10:55 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Autodesk
2015-10-20 19:42 - 2015-08-02 21:52 - 00016966 _____ C:\Windows\DirectX.log
2015-10-20 18:37 - 2015-08-02 23:07 - 00000184 _____ C:\Windows\LMv4.UNI
2015-10-19 22:07 - 2015-08-04 11:37 - 00000000 ____D C:\Users\Simone\AppData\Local\Autodesk
2015-10-16 16:17 - 2015-08-03 12:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-16 09:30 - 2015-07-31 17:42 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-16 09:30 - 2015-07-31 17:42 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-16 09:25 - 2015-08-03 15:45 - 00000000 ____D C:\Users\Simone\.maplesoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-09 21:10 - 2015-08-09 21:10 - 0000000 _____ () C:\Users\Simone\AppData\Roaming\EP-Compare-File-List.txt
2015-07-31 17:38 - 2015-07-31 17:38 - 0000000 _____ () C:\Users\Simone\AppData\Roaming\gdfw.log
2015-07-31 17:38 - 2015-07-31 17:38 - 0000779 _____ () C:\Users\Simone\AppData\Roaming\gdscan.log
2015-07-31 18:12 - 2015-07-31 18:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-04 11:37 - 2015-08-04 11:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-10-19 21:56 - 2015-10-19 21:56 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\Simone\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp3vw7z.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 11:56

==================== Ende von FRST.txt ============================
         

Alt 14.11.2015, 11:36   #4
SimoneW
 

addition.txt:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Simone (2015-11-14 11:28:43)
Gestartet von C:\Users\Simone\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-07-30 20:56:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4133458633-780925660-3275413234-500 - Administrator - Disabled)
Gast (S-1-5-21-4133458633-780925660-3275413234-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4133458633-780925660-3275413234-1002 - Limited - Enabled)
Simone (S-1-5-21-4133458633-780925660-3275413234-1000 - Administrator - Enabled) => C:\Users\Simone

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G*DATA INTERNET*SECURITY CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G*DATA INTERNET*SECURITY CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-PDF Printer 10.11.0.2342 (HKLM\...\7-PDF Printer_is1) (Version: 10.11.0.2342 - 7-PDF, Germany - Th. Hodes)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated)
Acer Updater Packages (HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Acer Updater Packages) (Version:  - ) <==== ACHTUNG
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.1.0.122 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
agederar (HKLM-x32\...\{9f58a80e-3c37-4557-0e9d-4857a20ed324}) (Version: 1.0.0 - ryofward) <==== ACHTUNG
AutoCAD 2016 - Deutsch (German) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - Deutsch (German) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.5 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD 2016 Language Pack - Deutsch (German) (HKLM\...\AutoCAD 2016 - Deutsch (German)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden
AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden
Bing Bar (HKLM-x32\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
BKI Energieplaner 14.0.9 (HKLM-x32\...\{CE29BCC0-CB14-413F-8D68-A2FD81026A10}_is1) (Version: 14.0.9 - BKI)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
Dlubal RSTAB 8.04 64-bit (HKLM\...\Dlubal RSTAB 8.04 64-bit) (Version: 8.04.0108 - Dlubal Software GmbH)
Dlubal RSTAB 8.04 64-bit (Version: 8.04.0108 - Dlubal Software GmbH) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
EnerCalC 4.43.110 (HKLM-x32\...\{DD8C2118-BB2C-4B5C-B6C8-2B7C94D87335}_is1) (Version: 4.43.110 - Markus Lichtmeß)
EnergyPlus 8.3.0-6d97d074ea (HKLM-x32\...\EnergyPlus 8.3.0-6d97d074ea) (Version: 8.3.0-6d97d074ea - US Department of Energy)
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{17FA0444-A025-43B9-862C-81AE6307C2F2}) (Version: 3.10.0050 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.60.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.00.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
EPSON SX525WD Series Handbuch (HKLM-x32\...\EPSON SX525WD Series Manual) (Version:  - )
EPSON SX525WD Series Netzwerk-Handbuch (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version:  - )
EPSON SX525WD Series Printer Uninstall (HKLM\...\EPSON SX525WD Series) (Version:  - SEIKO EPSON Corporation)
EPSON WF-7620 Series Printer Uninstall (HKLM\...\EPSON WF-7620 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.50.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
ESS Energie Indikator (HKLM-x32\...\{AA56C866-27E0-4178-876C-6A18FA7715D8}) (Version: 20.14.0 - Nemetschek Allplan GmbH)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
G*DATA INTERNET*SECURITY CBE (HKLM-x32\...\{6E9D1CB6-A9BF-4F47-8BA2-F34ECBE49C86}) (Version: 25.1.0.4 - G DATA Software AG)
General Runtime Files for Allplan 2014-1-6 (x32 Version: 1.8.1.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Allplan 2014-1-6 x64 (Version: 1.5.0.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Nemetschek Softlock 2006 (x32 Version: 1.3.0.0 - Nemetschek) Hidden
General Runtime Files for Nemetschek Softlock 2006 64 (Version: 1.2.0.0 - Nemetschek) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.16) (Version: 9.16 - Artifex Software Inc.)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 6.0.11 - Acer Inc.)
Maple 18 (HKLM\...\Maple 18) (Version: 18 - Maplesoft)
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
Nemetschek Allplan 2014 (HKLM-x32\...\{669D6EB8-28DD-4F5C-A7C3-5DCB53F59691}) (Version: 2014.0 - Nemetschek Allplan Systems GmbH)
Nemetschek SoftLock 2006 (HKLM-x32\...\{7262D0C8-41CC-4F75-8383-A6C7C61D7FC6}) (Version: 1.26.55 - Nemetschek Allplan Systems GmbH)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF24 Creator 7.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 3.0.0.493 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0033 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
Rhinoceros 5 (64-bit) (HKLM\...\{A43368B8-F404-41F0-ADB3-29CEF6F4E62D}) (Version: 5.5.30912.16275 - Robert McNeel & Associates)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
SJ MEPLA (HKLM-x32\...\{8ACD0CA4-845A-4496-BDB6-1C81C2D0CFA7}) (Version: 3.50.0009 - SJ Software)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
SketchUp-Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) <==== ACHTUNG
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1208 - SUPERAntiSpyware.com)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Verfügbare Autodesk-Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4133458633-780925660-3275413234-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4133458633-780925660-3275413234-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4133458633-780925660-3275413234-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4133458633-780925660-3275413234-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Simone\AppData\Roaming\agederar\fortetri.dll () <==== ACHTUNG
CustomCLSID: HKU\S-1-5-21-4133458633-780925660-3275413234-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4133458633-780925660-3275413234-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\de-DE\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4133458633-780925660-3275413234-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-11-14 00:33 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts


Da befinden sich 15463 zusätzliche Einträge.


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {051846D4-A22A-4093-8B75-797890683240} - System32\Tasks\AdobeAAMUpdater-1.0-Simone-PC-Simone => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {0B8685D2-8381-43FC-AC0D-9EA4F67C60FF} - System32\Tasks\SUPERAntiSpyware Scheduled Task fa6580af-9a07-4eac-975d-6d3beed7a430 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {0C394548-EB65-4228-95C9-6DD25A13B92F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {19D52364-3FBE-4CBF-9B8E-699F8EB6C1F5} - System32\Tasks\{531AD94E-E01F-4B97-9AA0-ECFE3161E896} => pcalua.exe -a C:\Users\Simone\AppData\Local\Temp\Temp2_Chipset_Intel_10.0.22_W81x64_A.zip\Chipset_Intel_10.0.22_W81x64\Setup.exe
Task: {1F33BBBB-0FE4-4137-9C84-E67C353002E6} - System32\Tasks\AutoUpdate Allplan 2014 => C:\Program Files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe [2014-05-24] (Nemetschek Allplan Systems GmbH)
Task: {217D28B0-5FF2-41FA-96F8-4DD8B7028C5B} - System32\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {25123D52-044A-4E92-A88A-53723FF9131E} - System32\Tasks\{75E8A2F2-E9BC-46BC-BE92-2D693A7F8AF2} => pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {29629FEE-A872-4D74-ACD2-5FDE35029684} - System32\Tasks\{98B50C05-FDA5-4DD4-9B45-D57CE31F1A59} => pcalua.exe -a "C:\Users\Simone\Desktop\(Simone)Laptop-AcerAspireV15nitro\acer treiber\Chipset_Intel_10.0.22_W81x64_A\Chipset_Intel_10.0.22_W81x64\Setup.exe" -d "C:\Users\Simone\Desktop\(Simone)Laptop-AcerAspireV15nitro\acer treiber\Chipset_Intel_10.0.22_W81x64_A\Chipset_Intel_10.0.22_W81x64"
Task: {3990E12B-E6DE-4129-97B8-51D7D165EC5D} - System32\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {3BB49182-29E2-4E99-8080-30913142CD33} - System32\Tasks\{D7933A3B-3164-4A08-94F2-79B8B13B7FA2} => pcalua.exe -a C:\Users\Simone\AppData\Local\Temp\Temp3_Chipset_Intel_10.0.22_W81x64_A.zip\Chipset_Intel_10.0.22_W81x64\Setup.exe
Task: {40035D4E-B650-4029-9411-07CA394E0D28} - System32\Tasks\SUPERAntiSpyware Scheduled Task 4397d9eb-cff4-4700-a7dc-a5aca2a4a35f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {5353E91A-2C2C-4D6B-A218-557859C80584} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {86B11E5C-281D-457F-B723-BD6BB2E9C2ED} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-03] (Dropbox, Inc.)
Task: {9E21538E-D53A-4997-AA88-8E5EE06C3189} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {9EA5B6EA-D72C-4FDC-97E4-D889C1BA83AB} - System32\Tasks\uhy3013 => C:\Program Files (x86)\Fast-Search\uhy3013.exe [2015-11-02] () <==== ACHTUNG
Task: {A667762E-9DA3-4E87-B196-2A308B7BB1BA} - System32\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {A83EF8BE-1C88-4282-BDFD-8254BA1496BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {C40BD481-E78D-449F-B26A-512C599BB646} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C4189400-DB1E-4DF2-8425-A951B30E16C3} - System32\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {E65BC36B-9856-4683-8210-9C192F366E97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31] (Google Inc.)
Task: {EE69E492-4C96-4988-A442-6E5A64F49DFA} - System32\Tasks\WebContent AutoUpdate 2014 => C:\Program Files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe [2014-05-24] (Nemetschek Allplan Systems GmbH)
Task: {EF3E479C-D8D2-4778-83A7-A6458BB0F870} - System32\Tasks\{A2740CB5-BE84-42CC-BE45-39A54E374239} => pcalua.exe -a C:\Users\Simone\AppData\Local\Temp\DMR\dmr_72.exe -d C:\Users\Simone\Downloads -c -install -54504926 -chipde -599a861e093442f5b9c560dc3e736b59 - -BLUB2 -hxlgzkqtzfomfqfm -5956
Task: {F2D103DA-A536-48F5-AF8D-C5BD56359582} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-03] (Dropbox, Inc.)
Task: {F7D4F907-62CE-4AF8-AE2F-A012BE808EA3} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\AutoUpdate Allplan 2014.job => C:\Program Files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe9/f C:\Daten\Nemetschek\Allplan_1\Std\AllplanUpdate.inf
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE
Task: C:\Windows\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE
Task: C:\Windows\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE:/EXE:{9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE:/EXE:{D7B3AC18-0A64-433B-A8D5-66367A39D7C5} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 4397d9eb-cff4-4700-a7dc-a5aca2a4a35f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task fa6580af-9a07-4eac-975d-6d3beed7a430.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\WebContent AutoUpdate 2014.job => C:\Program Files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe‡/f C:\Daten\Nemetschek\Allplan_1\Std\AllplanUpdate.inf /one hxxp:/autoupdate.allplan.com/Updates/Allplan/MyPlan/2014/WebContent.upd

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-16 04:45 - 2015-07-16 04:45 - 00105112 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2015-07-16 04:44 - 2015-07-16 04:44 - 00032920 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\AnalyzerTask.dll
2015-07-16 04:44 - 2015-07-16 04:44 - 00019096 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\DriverDetection.dll
2015-07-16 04:44 - 2015-07-16 04:44 - 00243864 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\analyzer.dll
2015-08-04 13:26 - 2015-08-04 13:26 - 00718040 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2015-02-20 04:42 - 2015-02-20 04:42 - 00382072 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2015-08-04 13:26 - 2015-08-04 13:26 - 00861912 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2015-09-11 19:02 - 2015-09-11 19:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-19 20:02 - 2015-03-19 20:02 - 00393480 _____ () C:\Windows\system32\igfxTray.exe
2014-08-27 18:41 - 2014-08-27 18:41 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2015-08-02 23:16 - 2015-07-16 04:52 - 00413848 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2015-08-02 23:16 - 2015-07-16 04:59 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2015-08-02 23:16 - 2015-07-16 04:56 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2015-08-02 23:16 - 2015-07-16 04:56 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2015-08-02 23:16 - 2015-07-16 04:56 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2015-08-02 23:16 - 2015-07-16 04:57 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2015-08-02 23:16 - 2015-07-16 04:58 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2015-08-02 23:16 - 2015-07-16 04:58 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2015-08-02 23:16 - 2015-07-16 04:57 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2015-08-02 23:16 - 2015-07-16 04:55 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2015-11-11 19:07 - 2015-11-07 05:46 - 01908040 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-11 19:07 - 2015-11-07 05:46 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2014-06-11 04:34 - 2014-06-11 04:34 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-10-20 19:48 - 2015-09-07 04:33 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-10-20 19:48 - 2015-09-07 04:33 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-07-31 20:46 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-14 10:24 - 2015-11-14 10:24 - 00071168 _____ () c:\users\simone\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp3vw7z.dll
2015-08-03 13:07 - 2015-09-03 01:11 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-08-03 13:07 - 2015-09-03 01:11 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-03 13:07 - 2015-09-03 01:11 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-03 13:07 - 2015-09-03 01:11 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-08-31 16:10 - 2015-08-26 09:29 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-08-31 16:10 - 2015-08-26 09:29 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2014-10-10 08:37 - 2014-10-10 08:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acengine => ""="service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


Da befinden sich 7866 mehr Seiten.


Da befinden sich 7866 mehr Seiten.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4133458633-780925660-3275413234-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{AA19FD23-248D-4E6A-A846-15A58FE386BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{06B8A60E-DFF1-4D47-939C-029F1A0CCC24}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C7FE4853-60D0-4F24-95AC-649F022239D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B2635E4B-CD52-4FBD-94F9-D3C325560C3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4500057A-5A8B-464F-AB61-A6203FEB3B4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F4DEC146-BA98-455F-B68E-A169375BCD76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CBFA0407-B3E2-447D-8FF2-4E6C2DC273AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{90224285-D02E-4A35-8BE3-7E8C030006A1}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{8ED14632-2863-40FA-A1D5-79744E3F9D25}] => (Allow) C:\Program Files\Dlubal\RSTAB 8.04\RSTAB64.exe
FirewallRules: [{0BFB9259-CC55-4678-BD19-A16C7CCF69B5}] => (Allow) C:\Program Files\Dlubal\RSTAB 8.04\RSTAB64.exe
FirewallRules: [{7D7FAD31-4E2C-457A-A2D6-BA93BFB79143}] => (Allow) C:\Program Files\Dlubal\RSTAB 8.04\RSTAB64.exe
FirewallRules: [{2FE306AD-25FF-4851-A73F-45412F100ED7}] => (Allow) C:\Program Files\Dlubal\RSTAB 8.04\RSTAB64.exe
FirewallRules: [{DBFCE99A-86DC-48E2-ABF7-48FD99E95005}] => (Allow) C:\Program Files\Common Files\Dlubal\ExtModuleManager64.exe
FirewallRules: [{7C75A10C-3F53-4E17-A416-99D6C2DACFC5}] => (Allow) C:\Program Files\Common Files\Dlubal\ExtModuleManager64.exe
FirewallRules: [{52F8A2DC-1F27-4E95-9AD5-4A420936A127}] => (Allow) C:\Program Files\Common Files\Dlubal\ExtModuleManager64.exe
FirewallRules: [{B47AB206-765B-4E9F-A1DC-1721243554C8}] => (Allow) C:\Program Files\Common Files\Dlubal\ExtModuleManager64.exe
FirewallRules: [{5522BA6C-1286-4145-AC8E-2AD1EC6DB9A8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E9CA03AC-2DCB-48A6-A4B5-10FC192785F1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{661ABDA1-BA3D-4CA4-A024-B83C21B173B5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A4D6C818-8D2F-490F-90AC-3DD12890E39E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D2577A74-7DAB-4BC7-9357-75E6DA1F211A}] => (Allow) LPort=50248
FirewallRules: [{07F6A6ED-3EEB-440E-BD03-5D53B6E9982B}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{6DA32A7D-1F4D-4587-8AB7-1037DF68DE01}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{04E75295-9FE0-4BF1-9712-E868A394E046}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{CD34A4E7-19CC-4527-820C-FFE8098D6CBA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/14/2015 10:43:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3
Name des fehlerhaften Moduls: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3
Ausnahmecode: 0x40000015
Fehleroffset: 0x00013184
ID des fehlerhaften Prozesses: 0x1a88
Startzeit der fehlerhaften Anwendung: 0xnetservice.exe0
Pfad der fehlerhaften Anwendung: netservice.exe1
Pfad des fehlerhaften Moduls: netservice.exe2
Berichtskennung: netservice.exe3

Error: (11/14/2015 10:32:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3
Name des fehlerhaften Moduls: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3
Ausnahmecode: 0x40000015
Fehleroffset: 0x00013184
ID des fehlerhaften Prozesses: 0xb70
Startzeit der fehlerhaften Anwendung: 0xnetservice.exe0
Pfad der fehlerhaften Anwendung: netservice.exe1
Pfad des fehlerhaften Moduls: netservice.exe2
Berichtskennung: netservice.exe3

Error: (11/14/2015 10:32:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.18064, Zeitstempel: 0x56042d8f
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.19045, Zeitstempel: 0x56259295
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000bffc2
ID des fehlerhaften Prozesses: 0x1b88
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3

Error: (11/14/2015 10:25:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mep.exe, Version: 1.1.2.0, Zeitstempel: 0x541fad83
Name des fehlerhaften Moduls: MepUploader.dll, Version: 1.0.1.0, Zeitstempel: 0x5405907e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00015af7
ID des fehlerhaften Prozesses: 0xe98
Startzeit der fehlerhaften Anwendung: 0xmep.exe0
Pfad der fehlerhaften Anwendung: mep.exe1
Pfad des fehlerhaften Moduls: mep.exe2
Berichtskennung: mep.exe3

Error: (11/14/2015 10:24:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Creative Cloud.exe, Version: 3.3.0.151, Zeitstempel: 0x55fab2fa
Name des fehlerhaften Moduls: ContainerUI.dll, Version: 3.3.0.151, Zeitstempel: 0x55fab383
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00016870
ID des fehlerhaften Prozesses: 0x192c
Startzeit der fehlerhaften Anwendung: 0xCreative Cloud.exe0
Pfad der fehlerhaften Anwendung: Creative Cloud.exe1
Pfad des fehlerhaften Moduls: Creative Cloud.exe2
Berichtskennung: Creative Cloud.exe3

Error: (11/14/2015 12:41:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3
Name des fehlerhaften Moduls: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3
Ausnahmecode: 0x40000015
Fehleroffset: 0x00013184
ID des fehlerhaften Prozesses: 0x27ec
Startzeit der fehlerhaften Anwendung: 0xnetservice.exe0
Pfad der fehlerhaften Anwendung: netservice.exe1
Pfad des fehlerhaften Moduls: netservice.exe2
Berichtskennung: netservice.exe3

Error: (11/14/2015 12:30:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3
Name des fehlerhaften Moduls: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3
Ausnahmecode: 0x40000015
Fehleroffset: 0x00013184
ID des fehlerhaften Prozesses: 0x1220
Startzeit der fehlerhaften Anwendung: 0xnetservice.exe0
Pfad der fehlerhaften Anwendung: netservice.exe1
Pfad des fehlerhaften Moduls: netservice.exe2
Berichtskennung: netservice.exe3

Error: (11/13/2015 11:52:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: beehefcahj.exe, Version: 0.0.0.0, Zeitstempel: 0x56465d9f
Name des fehlerhaften Moduls: beehefcahj.exe, Version: 0.0.0.0, Zeitstempel: 0x56465d9f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00058814
ID des fehlerhaften Prozesses: 0x2194
Startzeit der fehlerhaften Anwendung: 0xbeehefcahj.exe0
Pfad der fehlerhaften Anwendung: beehefcahj.exe1
Pfad des fehlerhaften Moduls: beehefcahj.exe2
Berichtskennung: beehefcahj.exe3

Error: (11/13/2015 11:51:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: beehefcahj.exe, Version: 0.0.0.0, Zeitstempel: 0x56465d9f
Name des fehlerhaften Moduls: beehefcahj.exe, Version: 0.0.0.0, Zeitstempel: 0x56465d9f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00058814
ID des fehlerhaften Prozesses: 0x2648
Startzeit der fehlerhaften Anwendung: 0xbeehefcahj.exe0
Pfad der fehlerhaften Anwendung: beehefcahj.exe1
Pfad des fehlerhaften Moduls: beehefcahj.exe2
Berichtskennung: beehefcahj.exe3

Error: (11/13/2015 11:51:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: beehefcahj.exe, Version: 0.0.0.0, Zeitstempel: 0x56465d9f
Name des fehlerhaften Moduls: beehefcahj.exe, Version: 0.0.0.0, Zeitstempel: 0x56465d9f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00058814
ID des fehlerhaften Prozesses: 0x2a4
Startzeit der fehlerhaften Anwendung: 0xbeehefcahj.exe0
Pfad der fehlerhaften Anwendung: beehefcahj.exe1
Pfad des fehlerhaften Moduls: beehefcahj.exe2
Berichtskennung: beehefcahj.exe3


Systemfehler:
=============
Error: (11/14/2015 10:43:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Net.Tcp Service Handler" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.

Error: (11/14/2015 10:32:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Net.Tcp Service Handler" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/14/2015 10:25:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/14/2015 10:25:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error: (11/14/2015 10:23:35 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (11/14/2015 10:22:25 AM) (Source: aksfridge) (EventID: 0) (User: )
Description: error file fchkdsk.c line 1633 status 0

Error: (11/14/2015 10:21:04 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (11/14/2015 10:20:51 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (11/14/2015 10:20:51 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (11/14/2015 12:41:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Net.Tcp Service Handler" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.


CodeIntegrity:
===================================
  Date: 2015-11-03 19:21:24.976
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-03 19:21:24.929
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-03 19:21:24.867
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-01 16:27:16.219
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-01 16:27:16.173
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-01 16:27:16.029
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-01 16:27:15.920
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-18 13:47:15.084
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-18 13:47:15.029
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-10-18 13:47:14.969
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8119.36 MB
Verfügbarer physikalischer RAM: 4469.54 MB
Summe virtueller Speicher: 16236.93 MB
Verfügbarer virtueller Speicher: 12528.84 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:125.83 GB) (Free:39.39 GB) NTFS
Drive e: (Simone PC) (Fixed) (Total:805.59 GB) (Free:796.25 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2039A54A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=125.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=805.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

15.11.2015, 06:15   #5
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Revo Uninstaller from here: Download Revo Uninstaller (alternatively, portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the uninstaller list, look for the programs:

    Acer Updater Packages

    agederar

    Software Updater


  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" mode.
  • Delete leftovers:
    Click on , then on , and then on .

 





Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

15.11.2015, 13:54   #6
SimoneW
 



Hello Schrauber, thank you for helping me :-)

So I have now run Combofix, and although GDATA was switched off, it said it had found a threat. I then always clicked "always allow".
Then the program carried on working and showed a message, but right now I can no longer remember what the program said.

The Combofix.txt:
Code:
ComboFix 15-11-15.01 - Simone 15.11.2015  13:02:34.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8119.5486 [GMT 1:00]
ausgeführt von:: c:\users\Simone\Desktop\ComboFix.exe
AV: G*DATA INTERNET*SECURITY CBE *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
FW: G*DATA Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
SP: G*DATA INTERNET*SECURITY CBE *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\Uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\programdata\Roaming
c:\users\Simone\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgqf7vr.dll
c:\users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeUpdateService
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-10-15 bis 2015-11-15  ))))))))))))))))))))))))))))))
.
.
2015-11-15 12:09 . 2015-11-15 12:09	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-11-15 10:24 . 2015-11-15 10:24	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-11-14 10:25 . 2015-11-14 10:30	--------	d-----w-	C:\FRST
2015-11-13 23:25 . 2015-11-13 23:25	--------	d-----w-	c:\program files\Common Files\AV
2015-11-13 23:17 . 2015-11-13 23:41	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2015-11-13 23:16 . 2015-11-14 09:21	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2015-11-13 18:44 . 2015-11-13 18:44	--------	d-----w-	C:\found.000
2015-11-13 09:31 . 2015-11-03 17:55	3211264	----a-w-	c:\windows\system32\win32k.sys
2015-11-12 07:30 . 2015-11-12 07:30	--------	d-----w-	c:\program files (x86)\EnerCalC
2015-11-11 18:35 . 2015-11-07 09:24	308144	----a-w-	c:\windows\system32\acengine64.dll
2015-11-11 18:02 . 2015-11-11 18:02	--------	d-----w-	C:\AdwCleaner
2015-11-11 16:40 . 2015-10-30 23:11	817664	----a-w-	c:\windows\system32\jscript.dll
2015-11-11 16:39 . 2015-10-13 16:41	497664	----a-w-	c:\windows\system32\drivers\afd.sys
2015-11-10 14:42 . 2015-08-11 04:52	69416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-11-10 14:42 . 2015-08-11 04:52	50472	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2015-11-05 14:22 . 2015-11-05 14:22	--------	d-----w-	c:\users\Simone\AppData\Roaming\PDAppFlex
2015-11-04 18:14 . 2015-11-04 18:14	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2015-11-04 18:04 . 2015-11-04 18:11	--------	d-----w-	c:\program files\Adobe
2015-11-04 18:03 . 2015-11-04 18:09	--------	d-----w-	c:\program files\Common Files\Adobe
2015-11-04 17:57 . 2015-11-15 11:48	--------	d-----r-	c:\users\Simone\Creative Cloud Files
2015-11-04 17:52 . 2015-11-04 17:52	--------	d-----w-	c:\users\Simone\AppData\Roaming\shortCutStore
2015-11-04 17:39 . 2015-11-07 09:24	260752	----a-w-	c:\windows\SysWow64\acengine.dll
2015-11-04 17:39 . 2015-11-15 12:13	--------	d-----w-	c:\program files (x86)\Fast-Search
2015-11-04 17:23 . 2015-11-04 17:27	--------	d-----w-	c:\program files (x86)\MaxDrivrUpdater
2015-11-04 17:23 . 2015-11-13 23:25	--------	d-----w-	c:\users\Simone\AppData\Roaming\RunDir
2015-11-04 17:23 . 2015-11-04 17:23	--------	d-----w-	c:\users\Simone\AppData\Roaming\NetService
2015-11-03 17:48 . 2015-11-03 18:25	--------	d-----w-	c:\windows\Panther
2015-11-01 16:58 . 2015-11-01 17:08	--------	d-----w-	c:\users\Simone\AppData\Roaming\FFSJ
2015-11-01 15:51 . 2015-11-15 11:48	--------	d-----w-	c:\programdata\boost_interprocess
2015-11-01 15:46 . 2015-11-01 15:46	--------	d-----w-	c:\users\Simone\AppData\Roaming\Ashampoo
2015-11-01 15:46 . 2015-11-01 15:46	--------	d-----w-	c:\users\Simone\AppData\Local\ashampoo
2015-11-01 15:45 . 2015-11-01 15:46	--------	d-----w-	c:\programdata\Ashampoo
2015-11-01 15:45 . 2015-11-01 15:57	--------	d-----w-	c:\program files (x86)\Common Files\AV
2015-11-01 15:44 . 2015-11-01 21:19	--------	d-----w-	c:\program files (x86)\360
2015-11-01 15:44 . 2015-11-01 15:44	--------	d-----w-	c:\users\Simone\AppData\Roaming\sparta111
2015-11-01 15:44 . 2015-11-01 15:44	--------	d-----w-	c:\users\Simone\AppData\Local\Sparta
2015-10-21 12:08 . 2015-10-21 12:08	2997440	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\1031\MSOINTL.DLL
2015-10-20 19:26 . 2015-10-20 19:26	--------	d-----w-	c:\program files (x86)\RegCleaner
2015-10-20 18:48 . 2015-11-11 19:26	--------	d-----w-	c:\program files (x86)\Autodesk
2015-10-20 18:43 . 2015-11-11 19:26	--------	d-----w-	c:\program files\Autodesk
2015-10-20 17:37 . 2015-10-20 17:37	--------	d-----w-	c:\program files (x86)\Launch Manager
2015-10-20 17:24 . 2015-10-20 18:55	--------	d-----w-	C:\Autodesk
2015-10-20 15:19 . 2015-10-20 18:48	--------	d-----w-	c:\program files (x86)\Common Files\Autodesk Shared
2015-10-20 15:19 . 2015-10-20 19:05	--------	d-----w-	c:\programdata\Autodesk
2015-10-20 15:14 . 2015-10-20 15:14	26877120	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-10-20 15:14 . 2015-10-20 15:14	112326848	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-10-20 15:09 . 2015-10-20 15:09	112326848	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-10-20 15:09 . 2015-10-20 15:09	37472960	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-10-19 21:01 . 2015-10-19 21:01	--------	d-----w-	c:\programdata\FARO
2015-10-18 15:05 . 2015-10-18 15:16	--------	d-----w-	c:\users\Simone\AppData\Roaming\Grasshopper
2015-10-18 14:59 . 2015-10-18 14:59	--------	d-----w-	c:\users\Simone\AppData\Local\3dmouse
2015-10-18 14:58 . 2015-10-18 14:58	--------	d-----w-	c:\users\Simone\AppData\Local\McNeel
2015-10-18 14:58 . 2015-10-18 14:58	--------	d-----w-	c:\users\Simone\AppData\Roaming\McNeel
2015-10-18 14:57 . 2015-10-18 14:58	--------	d-----w-	c:\programdata\McNeel
2015-10-18 14:57 . 2015-10-18 14:57	--------	d-----w-	c:\program files (x86)\McNeelUpdate
2015-10-18 14:57 . 2015-10-18 14:57	--------	d-----w-	c:\program files\Rhinoceros 5 (64-bit)
2015-10-18 14:57 . 2015-10-18 14:57	--------	d-----w-	c:\program files (x86)\Common Files\McNeel Shared
2015-10-18 14:30 . 2015-10-18 14:30	--------	d-----w-	c:\program files\WinRAR
2015-10-18 11:56 . 2015-10-18 12:03	--------	d-----w-	C:\rhinos
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-11 19:00 . 2015-07-31 16:39	145617392	----a-w-	c:\windows\system32\MRT.exe
2015-10-29 17:50 . 2015-11-11 16:39	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 16:39	309248	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 16:39	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 16:39	103424	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-11 16:39	562176	----a-w-	c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 16:39	2178560	----a-w-	c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 16:39	470528	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 16:39	211968	----a-w-	c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-11 16:39	2560	----a-w-	c:\windows\apppatch\AcRes.dll
2015-10-20 15:25 . 2015-08-04 10:39	520584	----a-r-	c:\users\Simone\AppData\Roaming\Microsoft\Installer\{9D589081-AFC2-4932-9071-AC585AC1EA83}\UninstallTool.D01EB5D5_0EC4_4BDF_A131_1989F9F14A91.exe
2015-10-20 00:45 . 2015-11-11 16:40	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29	875720	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22	869568	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2015-10-12 03:05 . 2015-07-31 19:47	1423304	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-10-12 03:05 . 2015-07-31 19:47	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-10-12 03:04 . 2015-07-31 19:47	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-10-12 03:04 . 2015-07-31 19:47	1710752	----a-w-	c:\windows\system32\nvspcap64.dll
2015-10-01 18:06 . 2015-10-14 18:48	692672	----a-w-	c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 18:48	616360	----a-w-	c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 18:48	63488	----a-w-	c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 18:48	59392	----a-w-	c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 18:48	32768	----a-w-	c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 18:48	147456	----a-w-	c:\windows\system32\appidpolicyconverter.exe
2015-10-01 18:00 . 2015-10-14 18:48	17920	----a-w-	c:\windows\system32\appidcertstorecheck.exe
2015-10-01 17:50 . 2015-10-14 18:48	50688	----a-w-	c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 18:48	61440	----a-w-	c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-14 18:48	25432	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-14 18:48	700416	----a-w-	c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-14 18:48	766464	----a-w-	c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-14 18:48	503808	----a-w-	c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-14 18:48	73216	----a-w-	c:\windows\system32\acmigration.dll
2015-09-18 19:19 . 2015-10-14 18:48	1291264	----a-w-	c:\windows\system32\appraiser.dll
2015-09-18 19:09 . 2015-10-14 18:48	1163776	----a-w-	c:\windows\system32\aeinv.dll
2015-09-02 03:04 . 2015-09-10 09:41	41984	----a-w-	c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-10 09:41	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-10 09:41	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-10 09:41	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-10 09:41	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-10 09:41	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-10 09:41	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-10 09:41	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-09-02 01:47 . 2015-09-10 09:41	372736	----a-w-	c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-10 09:41	299520	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-10 09:41	2004480	----a-w-	c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-10 09:41	1887232	----a-w-	c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-10 09:41	2048	----a-w-	c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-10 09:41	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-10 09:41	1391104	----a-w-	c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-10 09:41	1241088	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-10 09:41	2048	----a-w-	c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-10 09:41	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2011-02-25 05:30	2616320	--shatr-	c:\windows\SysWOW64\explorer.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-10-13 14:13	1731800	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-10-13 14:13	1731800	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-10-13 14:13	1731800	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"EPLTarget\P0000000000000001"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE" [2013-09-12 298560]
"EPLTarget\P0000000000000002"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE" [2013-09-12 298560]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GDFirewallTray"="c:\program files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe" [2015-02-20 1855608]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2012-08-31 508656]
"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2015-05-31 650784]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2015-05-31 863776]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2015-11-04 36713096]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2014-06-11 707496]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2015-08-26 218656]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2015-07-23 1065968]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-01-19 1106512]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-09-17 2292912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ADSKAppManager"="c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox-Update-Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 dbupdatem;Dropbox-Update-Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe  [x]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AllplanUpdateLauncher 2014;Nemetschek Allplan Updatelauncher Service;c:\program files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe;c:\program files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 AVKProxy;G*DATA*ANTIVIRUS Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G*DATA Scheduler;c:\program files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe;c:\program files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G*DATA Dateisystem Wächter;c:\program files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe;c:\program files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 hasplms;Sentinel LDK License Manager;c:\windows\system32\hasplms.exe  -run;c:\windows\SYSNATIVE\hasplms.exe  -run [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 McNeelUpdate;McNeel Update Service 5.0;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [x]
S2 MyEpson Portal Service;MyEpson Portal Service;c:\program files (x86)\EPSON\MyEpson Portal\mepService.exe;c:\program files (x86)\EPSON\MyEpson Portal\mepService.exe [x]
S2 NetTcpHandler;Net.Tcp Service Handler;c:\users\Simone\AppData\Roaming\NetService\netservice.exe;c:\users\Simone\AppData\Roaming\NetService\netservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE;c:\program files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe;c:\program files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 GDFwSvc;G*DATA Personal Firewall;c:\program files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
S3 GDKBB;G Data GDKBB Driver;c:\windows\system32\drivers\GDKBB64.sys;c:\windows\SYSNATIVE\drivers\GDKBB64.sys [x]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
S3 GDScan;G*DATA Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-02 c:\windows\Tasks\AutoUpdate Allplan 2014.job
- c:\program files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe [2015-08-03 01:25]
.
2015-11-15 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-03 12:05]
.
2015-11-15 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-03 12:05]
.
2015-11-15 c:\windows\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2015-11-02 00:20]
.
2015-11-15 c:\windows\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2015-11-02 00:20]
.
2015-11-15 c:\windows\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2015-11-02 00:20]
.
2015-11-15 c:\windows\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2015-11-02 00:20]
.
2015-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31 16:23]
.
2015-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31 16:23]
.
2015-11-15 c:\windows\Tasks\WebContent AutoUpdate 2014.job
- c:\program files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe [2015-08-03 01:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-09-11 18:02	803488	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-09-11 18:02	803488	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-09-11 18:02	803488	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-10-13 14:09	2339032	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-10-13 14:09	2339032	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-10-13 14:09	2339032	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-07-31 13763800]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2015-07-31 1396592]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-09-04 508104]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-4133458633-780925660-3275413234-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.15"
.
[HKEY_USERS\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-4133458633-780925660-3275413234-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\EPSON\MyEpson Portal\mep.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-11-15  13:18:17 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-11-15 12:18
.
Vor Suchlauf: 14 Verzeichnis(se), 42.911.490.048 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 42.559.021.056 Bytes frei
.
- - End Of File - - 4897D8F6ABE41F305AD1F86172FB98BA
A36C5E4F47E84449FF07ED3517B43A31
         
So, now I have done it again without any error messages. G Data apparently had not been completely switched off after all, but this time it was, and no message came from it either.

It also outputs a LOG.txt file; do you need that too?

Here is the new ComboFix.txt file once again:

Code:
ATTFilter
ComboFix 15-11-15.01 - Simone 15.11.2015  13:37:41.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.8119.5265 [GMT 1:00]
ausgeführt von:: c:\users\Simone\Desktop\ComboFix.exe
AV: G*DATA INTERNET*SECURITY CBE *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
FW: G*DATA Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
SP: G*DATA INTERNET*SECURITY CBE *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Simone\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkmqrrg.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-10-15 bis 2015-11-15  ))))))))))))))))))))))))))))))
.
.
2015-11-15 12:43 . 2015-11-15 12:43	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-11-15 10:24 . 2015-11-15 10:24	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-11-14 10:25 . 2015-11-14 10:30	--------	d-----w-	C:\FRST
2015-11-13 23:25 . 2015-11-13 23:25	--------	d-----w-	c:\program files\Common Files\AV
2015-11-13 23:17 . 2015-11-13 23:41	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2015-11-13 23:16 . 2015-11-14 09:21	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2015-11-13 18:44 . 2015-11-13 18:44	--------	d-----w-	C:\found.000
2015-11-13 09:31 . 2015-11-03 17:55	3211264	----a-w-	c:\windows\system32\win32k.sys
2015-11-12 07:30 . 2015-11-12 07:30	--------	d-----w-	c:\program files (x86)\EnerCalC
2015-11-11 18:35 . 2015-11-07 09:24	308144	----a-w-	c:\windows\system32\acengine64.dll
2015-11-11 18:02 . 2015-11-11 18:02	--------	d-----w-	C:\AdwCleaner
2015-11-11 16:40 . 2015-10-30 23:11	817664	----a-w-	c:\windows\system32\jscript.dll
2015-11-11 16:39 . 2015-10-13 16:41	497664	----a-w-	c:\windows\system32\drivers\afd.sys
2015-11-10 14:42 . 2015-08-11 04:52	69416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-11-10 14:42 . 2015-08-11 04:52	50472	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2015-11-05 14:22 . 2015-11-05 14:22	--------	d-----w-	c:\users\Simone\AppData\Roaming\PDAppFlex
2015-11-04 18:14 . 2015-11-04 18:14	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2015-11-04 18:04 . 2015-11-04 18:11	--------	d-----w-	c:\program files\Adobe
2015-11-04 18:03 . 2015-11-04 18:09	--------	d-----w-	c:\program files\Common Files\Adobe
2015-11-04 17:57 . 2015-11-15 12:33	--------	d-----r-	c:\users\Simone\Creative Cloud Files
2015-11-04 17:52 . 2015-11-04 17:52	--------	d-----w-	c:\users\Simone\AppData\Roaming\shortCutStore
2015-11-04 17:39 . 2015-11-07 09:24	260752	----a-w-	c:\windows\SysWow64\acengine.dll
2015-11-04 17:39 . 2015-11-15 12:44	--------	d-----w-	c:\program files (x86)\Fast-Search
2015-11-04 17:23 . 2015-11-04 17:27	--------	d-----w-	c:\program files (x86)\MaxDrivrUpdater
2015-11-04 17:23 . 2015-11-13 23:25	--------	d-----w-	c:\users\Simone\AppData\Roaming\RunDir
2015-11-04 17:23 . 2015-11-04 17:23	--------	d-----w-	c:\users\Simone\AppData\Roaming\NetService
2015-11-03 17:48 . 2015-11-03 18:25	--------	d-----w-	c:\windows\Panther
2015-11-01 16:58 . 2015-11-01 17:08	--------	d-----w-	c:\users\Simone\AppData\Roaming\FFSJ
2015-11-01 15:51 . 2015-11-15 12:32	--------	d-----w-	c:\programdata\boost_interprocess
2015-11-01 15:46 . 2015-11-01 15:46	--------	d-----w-	c:\users\Simone\AppData\Roaming\Ashampoo
2015-11-01 15:46 . 2015-11-01 15:46	--------	d-----w-	c:\users\Simone\AppData\Local\ashampoo
2015-11-01 15:45 . 2015-11-01 15:46	--------	d-----w-	c:\programdata\Ashampoo
2015-11-01 15:45 . 2015-11-01 15:57	--------	d-----w-	c:\program files (x86)\Common Files\AV
2015-11-01 15:44 . 2015-11-01 21:19	--------	d-----w-	c:\program files (x86)\360
2015-11-01 15:44 . 2015-11-01 15:44	--------	d-----w-	c:\users\Simone\AppData\Roaming\sparta111
2015-11-01 15:44 . 2015-11-01 15:44	--------	d-----w-	c:\users\Simone\AppData\Local\Sparta
2015-10-21 12:08 . 2015-10-21 12:08	2997440	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\1031\MSOINTL.DLL
2015-10-20 19:26 . 2015-10-20 19:26	--------	d-----w-	c:\program files (x86)\RegCleaner
2015-10-20 18:48 . 2015-11-11 19:26	--------	d-----w-	c:\program files (x86)\Autodesk
2015-10-20 18:43 . 2015-11-11 19:26	--------	d-----w-	c:\program files\Autodesk
2015-10-20 17:37 . 2015-10-20 17:37	--------	d-----w-	c:\program files (x86)\Launch Manager
2015-10-20 17:24 . 2015-10-20 18:55	--------	d-----w-	C:\Autodesk
2015-10-20 15:19 . 2015-10-20 18:48	--------	d-----w-	c:\program files (x86)\Common Files\Autodesk Shared
2015-10-20 15:19 . 2015-10-20 19:05	--------	d-----w-	c:\programdata\Autodesk
2015-10-20 15:14 . 2015-10-20 15:14	26877120	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-10-20 15:14 . 2015-10-20 15:14	112326848	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-10-20 15:09 . 2015-10-20 15:09	112326848	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\MSORES.DLL
2015-10-20 15:09 . 2015-10-20 15:09	37472960	----a-w-	c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2015-10-19 21:01 . 2015-10-19 21:01	--------	d-----w-	c:\programdata\FARO
2015-10-18 15:05 . 2015-10-18 15:16	--------	d-----w-	c:\users\Simone\AppData\Roaming\Grasshopper
2015-10-18 14:59 . 2015-10-18 14:59	--------	d-----w-	c:\users\Simone\AppData\Local\3dmouse
2015-10-18 14:58 . 2015-10-18 14:58	--------	d-----w-	c:\users\Simone\AppData\Local\McNeel
2015-10-18 14:58 . 2015-10-18 14:58	--------	d-----w-	c:\users\Simone\AppData\Roaming\McNeel
2015-10-18 14:57 . 2015-10-18 14:58	--------	d-----w-	c:\programdata\McNeel
2015-10-18 14:57 . 2015-10-18 14:57	--------	d-----w-	c:\program files (x86)\McNeelUpdate
2015-10-18 14:57 . 2015-10-18 14:57	--------	d-----w-	c:\program files\Rhinoceros 5 (64-bit)
2015-10-18 14:57 . 2015-10-18 14:57	--------	d-----w-	c:\program files (x86)\Common Files\McNeel Shared
2015-10-18 14:30 . 2015-10-18 14:30	--------	d-----w-	c:\program files\WinRAR
2015-10-18 11:56 . 2015-10-18 12:03	--------	d-----w-	C:\rhinos
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-11 19:00 . 2015-07-31 16:39	145617392	----a-w-	c:\windows\system32\MRT.exe
2015-10-29 17:50 . 2015-11-11 16:39	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 16:39	309248	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 16:39	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 16:39	103424	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-11 16:39	562176	----a-w-	c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 16:39	2178560	----a-w-	c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 16:39	470528	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 16:39	211968	----a-w-	c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-11 16:39	2560	----a-w-	c:\windows\apppatch\AcRes.dll
2015-10-20 15:25 . 2015-08-04 10:39	520584	----a-r-	c:\users\Simone\AppData\Roaming\Microsoft\Installer\{9D589081-AFC2-4932-9071-AC585AC1EA83}\UninstallTool.D01EB5D5_0EC4_4BDF_A131_1989F9F14A91.exe
2015-10-20 00:45 . 2015-11-11 16:40	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29	875720	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22	869568	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2015-10-12 03:05 . 2015-07-31 19:47	1423304	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-10-12 03:05 . 2015-07-31 19:47	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-10-12 03:04 . 2015-07-31 19:47	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-10-12 03:04 . 2015-07-31 19:47	1710752	----a-w-	c:\windows\system32\nvspcap64.dll
2015-10-01 18:06 . 2015-10-14 18:48	692672	----a-w-	c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 18:48	616360	----a-w-	c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 18:48	63488	----a-w-	c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 18:48	59392	----a-w-	c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 18:48	32768	----a-w-	c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 18:48	147456	----a-w-	c:\windows\system32\appidpolicyconverter.exe
2015-10-01 18:00 . 2015-10-14 18:48	17920	----a-w-	c:\windows\system32\appidcertstorecheck.exe
2015-10-01 17:50 . 2015-10-14 18:48	50688	----a-w-	c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 18:48	61440	----a-w-	c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-14 18:48	25432	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-14 18:48	700416	----a-w-	c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-14 18:48	766464	----a-w-	c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-14 18:48	503808	----a-w-	c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-14 18:48	73216	----a-w-	c:\windows\system32\acmigration.dll
2015-09-18 19:19 . 2015-10-14 18:48	1291264	----a-w-	c:\windows\system32\appraiser.dll
2015-09-18 19:09 . 2015-10-14 18:48	1163776	----a-w-	c:\windows\system32\aeinv.dll
2015-09-02 03:04 . 2015-09-10 09:41	41984	----a-w-	c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-10 09:41	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-10 09:41	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-10 09:41	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-10 09:41	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-10 09:41	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-10 09:41	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-10 09:41	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-09-02 01:47 . 2015-09-10 09:41	372736	----a-w-	c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-10 09:41	299520	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-10 09:41	2004480	----a-w-	c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-10 09:41	1887232	----a-w-	c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-10 09:41	2048	----a-w-	c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-10 09:41	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-10 09:41	1391104	----a-w-	c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-10 09:41	1241088	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-10 09:41	2048	----a-w-	c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-10 09:41	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2011-02-25 05:30	2616320	--shatr-	c:\windows\SysWOW64\explorer.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-10-13 14:13	1731800	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-10-13 14:13	1731800	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-10-13 14:13	1731800	----a-w-	c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"EPLTarget\P0000000000000001"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE" [2013-09-12 298560]
"EPLTarget\P0000000000000002"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE" [2013-09-12 298560]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GDFirewallTray"="c:\program files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe" [2015-02-20 1855608]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2012-08-31 508656]
"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2015-05-31 650784]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2015-05-31 863776]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2015-11-04 36713096]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2014-06-11 707496]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2015-08-26 218656]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2015-07-23 1065968]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-01-19 1106512]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-09-17 2292912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ADSKAppManager"="c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox-Update-Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 dbupdatem;Dropbox-Update-Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe  [x]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AllplanUpdateLauncher 2014;Nemetschek Allplan Updatelauncher Service;c:\program files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe;c:\program files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 AVKProxy;G*DATA*ANTIVIRUS Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G*DATA Scheduler;c:\program files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe;c:\program files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G*DATA Dateisystem Wächter;c:\program files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe;c:\program files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 hasplms;Sentinel LDK License Manager;c:\windows\system32\hasplms.exe  -run;c:\windows\SYSNATIVE\hasplms.exe  -run [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 McNeelUpdate;McNeel Update Service 5.0;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe;c:\program files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [x]
S2 MyEpson Portal Service;MyEpson Portal Service;c:\program files (x86)\EPSON\MyEpson Portal\mepService.exe;c:\program files (x86)\EPSON\MyEpson Portal\mepService.exe [x]
S2 NetTcpHandler;Net.Tcp Service Handler;c:\users\Simone\AppData\Roaming\NetService\netservice.exe;c:\users\Simone\AppData\Roaming\NetService\netservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE;c:\program files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe;c:\program files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [x]
S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 GDFwSvc;G*DATA Personal Firewall;c:\program files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
S3 GDKBB;G Data GDKBB Driver;c:\windows\system32\drivers\GDKBB64.sys;c:\windows\SYSNATIVE\drivers\GDKBB64.sys [x]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
S3 GDScan;G*DATA Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-02 c:\windows\Tasks\AutoUpdate Allplan 2014.job
- c:\program files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe [2015-08-03 01:25]
.
2015-11-15 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-03 12:05]
.
2015-11-15 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-03 12:05]
.
2015-11-15 c:\windows\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2015-11-02 00:20]
.
2015-11-15 c:\windows\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2015-11-02 00:20]
.
2015-11-15 c:\windows\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2015-11-02 00:20]
.
2015-11-15 c:\windows\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2015-11-02 00:20]
.
2015-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31 16:23]
.
2015-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-31 16:23]
.
2015-11-15 c:\windows\Tasks\WebContent AutoUpdate 2014.job
- c:\program files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe [2015-08-03 01:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-09-11 18:02	803488	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-09-11 18:02	803488	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-09-11 18:02	803488	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\program files (x86)\Dropbox\Client\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-10-13 14:09	2339032	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-10-13 14:09	2339032	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-10-13 14:09	2339032	----a-w-	c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-07-31 13763800]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2015-07-31 1396592]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-09-04 508104]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-4133458633-780925660-3275413234-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.15"
.
[HKEY_USERS\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-4133458633-780925660-3275413234-1000)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\EPSON\MyEpson Portal\mep.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-11-15  13:49:08 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-11-15 12:49
ComboFix2.txt  2015-11-15 12:18
.
Vor Suchlauf: 19 Verzeichnis(se), 42.602.807.296 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 42.510.876.672 Bytes frei
.
- - End Of File - - C393618E41067DF535A95E9222491BE2
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 15.11.2015, 15:51   #7
schrauber
/// the machine
/// TB trainer
 




Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No assistance via PM!

Alt 15.11.2015, 18:41   #8
SimoneW
 



mbam.txt:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 15.11.2015
Suchlaufzeit: 17:40
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.15.03
Rootkit-Datenbank: v2015.11.14.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Simone

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 359988
Abgelaufene Zeit: 9 Min., 48 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 91
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\TYPELIB\{029AF757-A988-4BDD-A744-A4C7BCEBB011}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{00E3D575-A24C-4BBC-A708-BCDB8BBCA6C7}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{024BF4C8-B53D-45B9-957F-D3BA9655FF39}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{074DCA49-F6A1-417F-B79E-D5E3ADC30330}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{3323765B-5B83-4406-841E-473DBA4B8F29}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{389562C4-59D9-40C4-966E-28DA91725FFE}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F8D3B31-AEB8-4ED7-8B05-5556068D6B54}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{6ED1EF08-DFF4-4252-8986-691D06C54131}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{83E07061-02D1-41EC-8751-BB176B823C38}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{9F0948E7-227A-4F1B-9849-2D8912F185A7}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{A471A4AA-5C18-429F-81BF-6C760941DB74}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{C0A7C2B3-86D6-42AF-8221-79C9E4AD50BA}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{F2FB003D-07C7-4E4D-80E3-00B49468A6F4}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\INTERFACE\{F7971E81-FC71-4659-8CCE-C903576E0924}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{00E3D575-A24C-4BBC-A708-BCDB8BBCA6C7}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{024BF4C8-B53D-45B9-957F-D3BA9655FF39}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{074DCA49-F6A1-417F-B79E-D5E3ADC30330}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3323765B-5B83-4406-841E-473DBA4B8F29}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{389562C4-59D9-40C4-966E-28DA91725FFE}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3F8D3B31-AEB8-4ED7-8B05-5556068D6B54}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6ED1EF08-DFF4-4252-8986-691D06C54131}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{83E07061-02D1-41EC-8751-BB176B823C38}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9F0948E7-227A-4F1B-9849-2D8912F185A7}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A471A4AA-5C18-429F-81BF-6C760941DB74}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C0A7C2B3-86D6-42AF-8221-79C9E4AD50BA}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F2FB003D-07C7-4E4D-80E3-00B49468A6F4}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F7971E81-FC71-4659-8CCE-C903576E0924}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{00E3D575-A24C-4BBC-A708-BCDB8BBCA6C7}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{024BF4C8-B53D-45B9-957F-D3BA9655FF39}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{074DCA49-F6A1-417F-B79E-D5E3ADC30330}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3323765B-5B83-4406-841E-473DBA4B8F29}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{389562C4-59D9-40C4-966E-28DA91725FFE}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3F8D3B31-AEB8-4ED7-8B05-5556068D6B54}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6ED1EF08-DFF4-4252-8986-691D06C54131}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{83E07061-02D1-41EC-8751-BB176B823C38}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9F0948E7-227A-4F1B-9849-2D8912F185A7}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A471A4AA-5C18-429F-81BF-6C760941DB74}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C0A7C2B3-86D6-42AF-8221-79C9E4AD50BA}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F2FB003D-07C7-4E4D-80E3-00B49468A6F4}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F7971E81-FC71-4659-8CCE-C903576E0924}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{029AF757-A988-4BDD-A744-A4C7BCEBB011}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{029AF757-A988-4BDD-A744-A4C7BCEBB011}, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataContainer, In Quarantäne, [d07fe09ecdbe2c0abdab114cd330b749], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataContainer.1, In Quarantäne, [391693ebe0ab3204dd8bafaef60db848], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataController, In Quarantäne, [153a0f6f5c2f171ff870be9fed168c74], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataController.1, In Quarantäne, [4a050c722269251174f41548aa59a45c], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataTable, In Quarantäne, [301fdda1e5a60c2a066266f7748f35cb], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataTable.1, In Quarantäne, [3b14a6d883080a2c86e28ecfab58718f], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataTableFields, In Quarantäne, [0946344a3952e4520563411c956e48b8], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataTableFields.1, In Quarantäne, [58f73846206bcb6b2c3cd28ba45f748c], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataTableHolder, In Quarantäne, [3619fe80cfbce84ee781144919ea4bb5], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.DataTableHolder.1, In Quarantäne, [c38ccfaf8cff4fe7b2b6550800033ac6], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.LSPLogic, In Quarantäne, [cd82ee90abe0a59117519ac3b251867a], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.LSPLogic.1, In Quarantäne, [99b6641a6d1eab8b9ccce4797f840cf4], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.ReadOnlyManager, In Quarantäne, [6ae5f08e9deec6708bddd88532d131cf], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.ReadOnlyManager.1, In Quarantäne, [62ed0579612a5bdb8ddb1845669d3cc4], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.WFPController, In Quarantäne, [77d8790593f813239fc9da83946f9769], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\acengineLib.WFPController.1, In Quarantäne, [2b240a74028952e4293fd588b350b64a], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\APPID\acengine.EXE, In Quarantäne, [f15e423c98f354e2a46cb8d056acf10f], 
PUP.Optional.Acengine, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\acengine.EXE, In Quarantäne, [a6a937477b10a98d0d03dbad4bb7cc34], 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [9db2f886642770c61629793123e0f20e], 
PUP.Optional.AmiUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\amiupdaterExd, In Quarantäne, [75da93eb0388b3837447411de122bf41], 
PUP.Optional.AmiUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\amiupdaterExi, In Quarantäne, [024d6717c9c275c11aa1b4aaab58cf31], 
PUP.Optional.FasterSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\uhy3013, Löschen bei Neustart, [143b77075b30003614f831a58d76e51b], 
PUP.Optional.GameGogle, HKLM\SOFTWARE\SAKURA, In Quarantäne, [91beb5c97219f93dc104a1070bf83cc4], 
PUP.Optional.MaxDriverUpdater, HKLM\SOFTWARE\WOW6432NODE\MaxDrivrUpdater, In Quarantäne, [fd5283fb8308191d003bcbb39b689b65], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataContainer, In Quarantäne, [3f10fc822566df57bbad92cb9e658080], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataContainer.1, In Quarantäne, [eb64423c5e2d1f17f96f9dc0c3403ec2], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataController, In Quarantäne, [fb54abd37e0de1555e0a065718eb34cc], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataController.1, In Quarantäne, [85ca007e7d0e80b6b3b579e436cd956b], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataTable, In Quarantäne, [78d70777aae1bd79aeba0b52a45f718f], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataTable.1, In Quarantäne, [d47b2b530883af8773f519449f6425db], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataTableFields, In Quarantäne, [eb64631ba7e4bb7b610799c4c73c7987], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataTableFields.1, In Quarantäne, [d17ef18dc8c3b482d791f26b9e6519e7], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataTableHolder, In Quarantäne, [59f6acd238534beb7cecf66720e336ca], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.DataTableHolder.1, In Quarantäne, [91be700e880389ad69ffd08dd92af40c], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.LSPLogic, In Quarantäne, [98b77905b2d949ed7debd7868f74e31d], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.LSPLogic.1, In Quarantäne, [0f40344a503b072ff3752a33d62d8d73], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.ReadOnlyManager, In Quarantäne, [e16e9ae4a8e3a88e99cfc69701026d93], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.ReadOnlyManager.1, In Quarantäne, [b6994b330f7c90a697d1f06dc83b32ce], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.WFPController, In Quarantäne, [0d42700e315a8da98bdd1a430bf8ce32], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\acengineLib.WFPController.1, In Quarantäne, [73dc85f942491521d4941548f50e28d8], 
PUP.Optional.Acengine, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\acengine.EXE, In Quarantäne, [034c215d8407e6507a96c7c18b770af6], 
PUP.Optional.FastSearch, HKLM\SOFTWARE\WOW6432NODE\FAST-SEARCH, In Quarantäne, [60efdba391fa91a50012dbad16ecc838], 
PUP.Optional.GameGogle, HKLM\SOFTWARE\WOW6432NODE\SAKURA, In Quarantäne, [ce81740a622945f1f5d0f1b7cd3619e7], 
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, In Quarantäne, [db7477077d0e37ffb87572279a697b85], 
PUP.Optional.NetService, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NETTCPHANDLER, In Quarantäne, [5ff088f603886bcbcfff3a4d02009f61], 
PUP.Optional.InstallCore, HKU\S-1-5-21-4133458633-780925660-3275413234-1000\SOFTWARE\ICSW1.12, In Quarantäne, [2d2226587318f4427a81d7a27a897888], 
PUP.Optional.Hicosmea, HKU\S-1-5-21-4133458633-780925660-3275413234-1000\SOFTWARE\ryofward, In Quarantäne, [351abdc10e7d37ff3022cabf0bf7827e], 
PUP.Optional.WinYahoo, HKU\S-1-5-21-4133458633-780925660-3275413234-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [0748f787cebda88edf5e0e9c3cc7ee12], 
PUP.Optional.ProductSetup, HKU\S-1-5-21-4133458633-780925660-3275413234-1000\SOFTWARE\PRODUCTSETUP, In Quarantäne, [bd92007ec9c296a0ec20e0aadd2614ec], 

Registrierungswerte: 9
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_31&param1=1&param2=f[9db2f886642770c61629793123e0f20e]D4%26b[9db2f886642770c61629793123e0f20e]DIE%26cc[9db2f886642770c61629793123e0f20e]Dde%26pa[9db2f886642770c61629793123e0f20e]DWincy%26cd[9db2f886642770c61629793123e0f20e]D2XzuyEtN2Y1L1QzuyD0CzytA0AtB0FyBtAyC0AtAyEzyzyyDtN0D0Tzu0StCtAtDzytN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEzzzy0AyC0EtB0EtGtDzytA0DtGtAtDyC0FtGtB0DtCtCtG0F0BtD0FyB0FyE0EtByByE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0AyEtDtB0F0DtDtGyE0AtA0BtGyE0BtBzztGzz0B0CtBtGtCtC0B0EtCtA0EtB0CyE0E0D2QtN0A0LzuyE%26cr[9db2f886642770c61629793123e0f20e]D295985657%26a[9db2f886642770c61629793123e0f20e]Dwncy_ir_15_31%26os[9db2f886642770c61629793123e0f20e]DWindowsIn QuarantäneB7In QuarantäneBProfessional&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_31&param1=1&param2=f[ec637a046625e45237088624cd36f709]D4%26b[ec637a046625e45237088624cd36f709]DIE%26cc[ec637a046625e45237088624cd36f709]Dde%26pa[ec637a046625e45237088624cd36f709]DWincy%26cd[ec637a046625e45237088624cd36f709]D2XzuyEtN2Y1L1QzuyD0CzytA0AtB0FyBtAyC0AtAyEzyzyyDtN0D0Tzu0StCtAtDzytN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEzzzy0AyC0EtB0EtGtDzytA0DtGtAtDyC0FtGtB0DtCtCtG0F0BtD0FyB0FyE0EtByByE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0AyEtDtB0F0DtDtGyE0AtA0BtGyE0BtBzztGzz0B0CtBtGtCtC0B0EtCtA0EtB0CyE0E0D2QtN0A0LzuyE%26cr[ec637a046625e45237088624cd36f709]D295985657%26a[ec637a046625e45237088624cd36f709]Dwncy_ir_15_31%26os[ec637a046625e45237088624cd36f709]DWindowsIn QuarantäneB7In QuarantäneBProfessional&p={searchTerms}, %4, %5
PUP.Optional.GameGogle, HKLM\SOFTWARE\SAKURA|gamegogle, 1, In Quarantäne, [91beb5c97219f93dc104a1070bf83cc4]
PUP.Optional.FastSearch, HKLM\SOFTWARE\WOW6432NODE\FAST-SEARCH|affid, 1123, In Quarantäne, [60efdba391fa91a50012dbad16ecc838]
PUP.Optional.GameGogle, HKLM\SOFTWARE\WOW6432NODE\SAKURA|gamegogle, 1, In Quarantäne, [ce81740a622945f1f5d0f1b7cd3619e7]
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, C92E5F0E-E9E3-4186-B228-829DB152EF5D, In Quarantäne, [db7477077d0e37ffb87572279a697b85]
PUP.Optional.NetService, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NETTCPHANDLER|ImagePath, C:\Users\Simone\AppData\Roaming\NetService\netservice.exe -start, In Quarantäne, [5ff088f603886bcbcfff3a4d02009f61]
PUP.Optional.WinYahoo, HKU\S-1-5-21-4133458633-780925660-3275413234-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_31&param1=1&param2=f[0748f787cebda88edf5e0e9c3cc7ee12]D4%26b[0748f787cebda88edf5e0e9c3cc7ee12]DIE%26cc[0748f787cebda88edf5e0e9c3cc7ee12]Dde%26pa[0748f787cebda88edf5e0e9c3cc7ee12]DWincy%26cd[0748f787cebda88edf5e0e9c3cc7ee12]D2XzuyEtN2Y1L1QzuyD0CzytA0AtB0FyBtAyC0AtAyEzyzyyDtN0D0Tzu0StCtAtDzytN1L2XzutAtFtCtBtFyDtFtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyEzzzy0AyC0EtB0EtGtDzytA0DtGtAtDyC0FtGtB0DtCtCtG0F0BtD0FyB0FyE0EtByByE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0AyEtDtB0F0DtDtGyE0AtA0BtGyE0BtBzztGzz0B0CtBtGtCtC0B0EtCtA0EtB0CyE0E0D2QtN0A0LzuyE%26cr[0748f787cebda88edf5e0e9c3cc7ee12]D295985657%26a[0748f787cebda88edf5e0e9c3cc7ee12]Dwncy_ir_15_31%26os[0748f787cebda88edf5e0e9c3cc7ee12]DWindowsIn QuarantäneB7In QuarantäneBProfessional&p={searchTerms}, %4, %5
PUP.Optional.ProductSetup, HKU\S-1-5-21-4133458633-780925660-3275413234-1000\SOFTWARE\PRODUCTSETUP|tb, 0N2Y1N1N1S2X, In Quarantäne, [bd92007ec9c296a0ec20e0aadd2614ec]

Registrierungsdaten: 1
PUP.Optional.ToHotWeb, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, www.tohotweb.com?oem=sunadusv4&uid=W77082F6_ST1000LM014-1EJ164&tm=1446659530, Gut: (www.google.com), Schlecht: (www.tohotweb.com?oem=sunadusv4&uid=W77082F6_ST1000LM014-1EJ164&tm=1446659530),Ersetzt,[64eb275745461c1a7a48d87ed331768a]

Ordner: 16
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\acengine, In Quarantäne, [aba4f589aedd2115fb0b8243867d916f], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
PUP.Optional.MaxDriverUpdater, C:\Program Files (x86)\MaxDrivrUpdater, In Quarantäne, [ff50631b8dfe7cbafc0c97d88a78e61a], 
PUP.Optional.MaxDriverUpdater, C:\Program Files (x86)\MaxDrivrUpdater_v121.7239, In Quarantäne, [da75a9d5d1ba1f1782866609f30f46ba], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_locales, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_locales\en, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_locales\en_US, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_locales\pt_BR, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_metadata, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.NetService, C:\Users\Simone\AppData\Roaming\NetService, In Quarantäne, [70df8af4800b3bfbf483f886fa0a2ad6], 

Dateien: 102
PUP.Optional.QuarkNetwork, C:\Users\Simone\AppData\Roaming\NetService\sc.exe, In Quarantäne, [222d28569deef83e2838c3d9b94839c7], 
Trojan.InfoStealer, C:\Program Files (x86)\Fast-Search\acengine.dll, In Quarantäne, [6be4b4cac4c758dec6984d554db4a858], 
PUP.Optional.FastSearch, C:\Program Files (x86)\Fast-Search\uninstall.exe, In Quarantäne, [4f00e39bcdbedc5a0faf0d8714ede818], 
PUP.Optional.MaxDriverUpdater, C:\Program Files (x86)\MaxDrivrUpdater_v121.7239\MaxDrivrUpdater_Service.exe, In Quarantäne, [c689017da6e5bc7a9032514331d0e11f], 
Trojan.InfoStealer, C:\Windows\SysWOW64\acengine.dll, In Quarantäne, [1837394523680c2a5509802258a9a65a], 
Trojan.Vundo, C:\Windows\SysWOW64\IERNONCE.DLL.VIR, In Quarantäne, [b49bf18d107b02343ef2ab58699a9e62], 
Trojan.Vundo, C:\Windows\SysWOW64\LICMGR10.DLL.VIR, In Quarantäne, [024de7975d2eab8bc16fa85b5ea5a65a], 
PUP.Optional.WinYahoo, C:\Users\Simone\AppData\LocalLow\Microsoft\Internet Explorer\Services\Wincy.ico, In Quarantäne, [dd72c2bc8dfe092d8df443661ee5629e], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\acengine.tlb, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\lengine.ini, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\ACDLL.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\ACDLL64.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\ACDLL64.exe, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\acengine.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\acengine64.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\acenginecert.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\ACInstaller.exe, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\acwfp.sys, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\acwfp64.sys, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\freebl3.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\gre.exe, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\gte3014.exe, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\lengine.exe, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\lengine64.exe, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\libnspr4.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\libplc4.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\libplds4.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\nss3.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\nssckbi.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\nssdbm3.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\nssutil3.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\slite.exe, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\smime3.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\softokn3.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\sqlite3.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\ssl3.dll, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Program Files (x86)\Fast-Search\uhy3013.exe, In Quarantäne, [73dc2d51018a63d3439f527251b2ac54], 
PUP.Optional.Winsock.WnskRST, C:\Windows\SysWOW64\acengine.dll, In Quarantäne, [7cd3a9d5bad1cb6ba34a17ad31d24fb1], 
PUP.Optional.Winsock.WnskRST, C:\Windows\System32\acengine64.dll, Löschen bei Neustart, [37181e60e0abe55158978c38dd2644bc], 
PUP.Optional.Winsock.WnskRST, C:\Windows\System32\acengineOff.ini, In Quarantäne, [bb94314d3853a294569a408452b1e21e], 
PUP.Optional.Winsock.WnskRST, C:\Windows\SysWOW64\acengineOff.ini, In Quarantäne, [bd92304ec7c443f3c030665e50b341bf], 
PUP.Optional.Winsock.WnskRST, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\acengine\acengine.ini, In Quarantäne, [aba4f589aedd2115fb0b8243867d916f], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\ntservertemp.ini, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\anbd.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\autoupdate.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\bd.dll, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\ccec.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\execute.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\lc.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\ntserver.ini, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\rbt.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\ud40.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\temp\wrg.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\anbd.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\autoupdate.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\ccec.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\execute.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\lc.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\ntserver.ini, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\rbt.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\ud40.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
PUP.Optional.AdPopup, C:\Users\Simone\AppData\Roaming\RunDir\wrg.exe, In Quarantäne, [410eeb93b8d35cda21e29e2880839e62], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\ntserver.ini, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\anbd.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\autoupdate.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\bd.dll, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\ccec.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\execute.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\lc.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\ntservertemp.ini, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\rbt.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\ud40.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\temp\wrg.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\anbd.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\autoupdate.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\ccec.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\execute.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\lc.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\ntserver.ini, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\rbt.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\ud40.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
Trojan.StartPage, C:\Users\Simone\AppData\Roaming\RunDir\wrg.exe, In Quarantäne, [e669f18d8308231357b63d8f699a8878], 
PUP.Optional.FasterSearch, C:\Windows\System32\Tasks\uhy3013, In Quarantäne, [c986c4ba7813be78d53524b23fc44bb5], 
PUP.Optional.NetService, C:\Users\Simone\AppData\Roaming\NetService\netservice.exe, In Quarantäne, [5ff088f603886bcbcfff3a4d02009f61], 
PUP.Optional.MaxDriverUpdater, C:\Program Files (x86)\MaxDrivrUpdater\Maxdriverupdater.exe, In Quarantäne, [ff50631b8dfe7cbafc0c97d88a78e61a], 
PUP.Optional.MaxDriverUpdater, C:\Program Files (x86)\MaxDrivrUpdater_v121.7239\ioproduct.exe, In Quarantäne, [da75a9d5d1ba1f1782866609f30f46ba], 
PUP.Optional.MaxDriverUpdater, C:\Program Files (x86)\MaxDrivrUpdater_v121.7239\ioprotect_conf.xml, In Quarantäne, [da75a9d5d1ba1f1782866609f30f46ba], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\background.html, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\background.js, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\ga.js, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\icon_128.png, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\icon_16.png, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\main.js, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\manifest.json, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\popup.html, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\popup.js, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_locales\en\messages.json, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_locales\en_US\messages.json, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_locales\pt_BR\messages.json, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_metadata\computed_hashes.json, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.EasyCalendar.ChrPRST, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk\1.0.0_0\_metadata\verified_contents.json, In Quarantäne, [67e8e7973457d26400dff68b6d955ba5], 
PUP.Optional.NetService, C:\Users\Simone\AppData\Roaming\NetService\conf.ini, In Quarantäne, [70df8af4800b3bfbf483f886fa0a2ad6], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
AdwCleaner[C1].txt

Code:
# AdwCleaner v5.021 - Bericht erstellt am 15/11/2015 um 18:23:10
# Aktualisiert am 14/11/2015 von Xplode
# Datenbank : 2015-11-13.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Simone - SIMONE-PC
# Gestartet von : C:\Users\Simone\Downloads\adwcleaner_5.021.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Users\Simone\AppData\Roaming\shortCutStore

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****

[-] Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Verknüpfung Desinfiziert : C:\Users\Simone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Simone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Simone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Aufgabenplanung ] *****

[-] Aufgabenplanung Gelöscht : Sparta W2
[-] Aufgabenplanung Gelöscht : Sparta W1
[-] Aufgabenplanung Gelöscht : Sparta N
[-] Aufgabenplanung Gelöscht : Sparta D1
[-] Aufgabenplanung Gelöscht : AutoUpdate Allplan 2014
[-] Aufgabenplanung Gelöscht : AutoUpdate Allplan 2014

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acengine
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\NetTcpHandler
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9F2949D6-977B-4B61-B513-0C2EE52C2B4F}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{34EBA76A-E745-4B18-96C9-2B8E2BA8B246}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A8E009B-E66D-4016-87CF-EC57FA9A4BC1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4D4D0357-0376-4656-A040-65AC089E84A2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D5AF218-5F7E-40E0-B49D-54FFAFE2001A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{89E46EA6-2F87-4D79-8FFA-8B264F93F54A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9ECCDEFC-1C26-4BB3-B6DF-252672D9FFFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F1BC674D-15D8-46C5-AC51-12AB16D67616}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F811C371-1DC7-4E2F-8676-D96B85BE4AF1}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\UpdateStar
[-] Schlüssel Gelöscht : HKCU\Software\DAILYPCCLEAN
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\acengine
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\NetTcpHandler
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\NtSvcHandler
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tohotweb.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.tohotweb.com

***** [ Internetbrowser ] *****

[-] [C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search provided by yahoo.com
[-] [C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : jcgcoifbkbphhjnekfkmohklfaimhikk

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4504 Bytes] ##########
         
JRT.txt:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Professional x64
Ran by Simone on 15.11.2015 at 18:31:46,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\Simone\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Simone\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Simone\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Simone\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.11.2015 at 18:35:49,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
and a fresh FRST.txt

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Simone (Administrator) auf SIMONE-PC (15-11-2015 18:38:51)
Gestartet von C:\Users\Simone\Desktop
Geladene Profile: Simone (Verfügbare Profile: Simone)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\GUI\GDSC.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-08-26] (Geek Software GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-01-19] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Policies\Explorer: [] 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F9667D8B-BE2A-4987-91C3-25554B84692C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4133458633-780925660-3275413234-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)

Chrome: 
=======
CHR StartupUrls: Profile 2 -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-31]
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-31]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-31]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-31]
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-06]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-06]
CHR Extension: (Adguard Werbeblocker) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-06]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-07]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-06]
CHR Extension: (EasyCalendar) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-06]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-06]
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-13]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-13]
CHR Extension: (Popup Blocker Pro) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kiodaajmphnkcajieajajinghpejdjai [2015-11-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-13]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1136520 2015-09-07] (Autodesk Inc.)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
S2 AllplanUpdateLauncher 2014; C:\Program Files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe [16680 2014-05-24] (Nemetschek Allplan Systems GmbH)
S2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [309376 2015-01-30] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2528888 2015-04-16] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-03] (Dropbox, Inc.)
S2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
S2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-27] (SafeNet Inc.)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-09-13] (Robert McNeel & Associates)
S2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-07-31] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-07-31] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-07-31] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-07-31] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-07-31] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-08-02] (G Data Software)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-07-31] (G Data Software AG)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2013-12-05] (Paragon Software Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-15] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvpciflt; \SystemRoot\system32\DRIVERS\nvpciflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-15 18:35 - 2015-11-15 18:35 - 00001272 _____ C:\Users\Simone\Desktop\JRT.txt
2015-11-15 18:31 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Simone\Desktop\JRT.exe
2015-11-15 18:30 - 2015-11-15 18:30 - 01798976 _____ (Malwarebytes) C:\Users\Simone\Downloads\JRT.exe
2015-11-15 18:25 - 2015-11-15 18:25 - 00004598 _____ C:\Users\Simone\Desktop\AdwCleaner[C1].txt
2015-11-15 18:10 - 2015-11-15 18:10 - 01732096 _____ C:\Users\Simone\Downloads\adwcleaner_5.021.exe
2015-11-15 18:05 - 2015-11-15 18:05 - 00035661 _____ C:\Users\Simone\Desktop\mbam.txt
2015-11-15 17:38 - 2015-11-15 18:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-15 17:38 - 2015-11-15 17:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-15 17:38 - 2015-11-15 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-15 17:38 - 2015-11-15 17:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-15 17:38 - 2015-11-15 17:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-15 17:38 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-15 17:38 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-15 17:38 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-15 13:49 - 2015-11-15 13:49 - 00037517 _____ C:\ComboFix.txt
2015-11-15 13:01 - 2015-11-15 13:49 - 00000000 ____D C:\Qoobox
2015-11-15 13:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-15 13:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-15 13:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-15 11:49 - 2015-11-15 13:16 - 00000000 ____D C:\Windows\erdnt
2015-11-15 11:45 - 2015-11-15 11:45 - 05637834 ____R (Swearware) C:\Users\Simone\Desktop\ComboFix.exe
2015-11-15 11:24 - 2015-11-15 11:24 - 00001270 _____ C:\Users\Simone\Desktop\Revo Uninstaller.lnk
2015-11-15 11:24 - 2015-11-15 11:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-14 11:28 - 2015-11-14 11:30 - 00053462 _____ C:\Users\Simone\Desktop\Addition.txt
2015-11-14 11:27 - 2015-11-15 18:38 - 00027717 _____ C:\Users\Simone\Desktop\FRST.txt
2015-11-14 11:25 - 2015-11-15 18:38 - 00000000 ____D C:\FRST
2015-11-14 11:24 - 2015-11-14 11:24 - 02198528 _____ (Farbar) C:\Users\Simone\Desktop\FRST64.exe
2015-11-14 11:22 - 2015-11-14 11:22 - 00000000 _____ C:\Users\Simone\defogger_reenable
2015-11-14 00:41 - 2015-11-14 00:41 - 00000085 _____ C:\Windows\wininit.ini
2015-11-14 00:33 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20151114-003354.backup
2015-11-14 00:25 - 2015-11-14 00:25 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-14 00:17 - 2015-11-14 00:41 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-11-14 00:17 - 2015-11-14 00:17 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-11-13 21:08 - 2015-11-13 21:08 - 00003174 _____ C:\Windows\System32\Tasks\{75E8A2F2-E9BC-46BC-BE92-2D693A7F8AF2}
2015-11-13 21:07 - 2015-11-13 21:07 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Macromedia
2015-11-13 19:44 - 2015-11-13 19:44 - 00000000 ____D C:\found.000
2015-11-13 10:31 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 15:01 - 2015-11-12 15:01 - 00262144 ____N C:\Windows\Minidump\111215-11185-01.dmp
2015-11-12 15:01 - 2015-11-12 15:01 - 00000000 ____D C:\Windows\Minidump
2015-11-12 08:30 - 2015-11-12 08:30 - 00001112 _____ C:\Users\Public\Desktop\EnerCalC.lnk
2015-11-12 08:30 - 2015-11-12 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnerCalC
2015-11-12 08:30 - 2015-11-12 08:30 - 00000000 ____D C:\Program Files (x86)\EnerCalC
2015-11-11 19:02 - 2015-11-15 18:23 - 00000000 ____D C:\AdwCleaner
2015-11-11 18:24 - 2015-11-11 18:24 - 00000000 _____ C:\Windows\setuperr.log
2015-11-11 17:41 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 17:41 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 17:41 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 17:41 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 17:41 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 17:41 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 17:41 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 17:41 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 17:41 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 17:41 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 17:41 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 17:41 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 17:41 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 17:41 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 17:41 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 17:41 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 17:41 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 17:41 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 17:41 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll.vir
2015-11-11 17:41 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 17:41 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll.vir
2015-11-11 17:41 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 17:41 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll.vir
2015-11-11 17:41 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 17:41 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 17:41 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 17:41 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 17:41 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 17:41 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 17:41 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 17:41 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll.vir
2015-11-11 17:41 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll.vir
2015-11-11 17:41 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 17:41 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 17:41 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 17:41 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 17:41 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 17:41 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 17:41 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 17:41 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 17:41 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 17:41 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 17:41 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 17:41 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 17:41 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 17:41 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 17:41 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 17:41 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 17:41 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 17:41 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 17:41 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 17:41 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 17:41 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 17:40 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 17:40 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 17:40 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 17:40 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 17:40 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 17:40 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 17:40 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 17:40 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 17:40 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 17:40 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 17:40 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 17:40 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 17:40 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 17:40 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 17:40 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 17:40 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 17:40 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 17:40 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 17:40 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 17:40 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 17:40 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 17:40 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 17:40 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 17:40 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 17:40 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 17:40 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 17:40 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 17:40 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 17:40 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 17:40 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 17:40 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 17:39 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 17:39 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 17:39 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 17:39 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 17:39 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 17:39 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 17:39 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 17:39 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 17:39 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 15:42 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-11-10 15:42 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-11-09 22:32 - 2015-11-09 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-06 19:48 - 2015-11-06 19:48 - 00000000 _____ C:\autoexec.bat
2015-11-05 15:22 - 2015-11-05 15:22 - 00000000 ____D C:\Users\Simone\AppData\Roaming\PDAppFlex
2015-11-05 15:21 - 2015-11-05 15:21 - 00003506 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Simone-PC-Simone
2015-11-04 19:14 - 2015-11-04 19:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-11-04 19:09 - 2015-11-04 19:09 - 00001034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk
2015-11-04 19:04 - 2015-11-04 19:11 - 00000000 ____D C:\Program Files\Adobe
2015-11-04 19:03 - 2015-11-04 19:09 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-04 18:57 - 2015-11-15 18:26 - 00000000 ___RD C:\Users\Simone\Creative Cloud Files
2015-11-04 18:54 - 2015-11-04 18:54 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-04 18:54 - 2015-11-04 18:54 - 00001215 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-11-03 23:21 - 2015-11-15 18:21 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
2015-11-03 23:21 - 2015-11-15 18:21 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
2015-11-03 23:21 - 2015-11-03 23:21 - 00003978 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}
2015-11-03 23:21 - 2015-11-03 23:21 - 00003792 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}
2015-11-03 18:48 - 2015-11-03 19:25 - 00000000 ____D C:\Windows\Panther
2015-11-03 18:47 - 2015-11-15 17:47 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
2015-11-03 18:47 - 2015-11-15 17:47 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
2015-11-03 18:47 - 2015-11-03 18:47 - 00003978 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}
2015-11-03 18:47 - 2015-11-03 18:47 - 00003792 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}
2015-11-02 21:15 - 2015-11-02 21:15 - 00000123 _____ C:\Users\Public\Desktop\Epson Connect Site.url
2015-11-01 22:14 - 2015-11-01 22:14 - 00000052 _____ C:\Users\Simone\Desktop\11.txt
2015-11-01 17:58 - 2015-11-01 18:08 - 00000000 ____D C:\Users\Simone\AppData\Roaming\FFSJ
2015-11-01 16:51 - 2015-11-15 18:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-01 16:46 - 2015-11-01 16:46 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Ashampoo
2015-11-01 16:46 - 2015-11-01 16:46 - 00000000 ____D C:\Users\Simone\AppData\Local\ashampoo
2015-11-01 16:45 - 2015-11-01 16:46 - 00000000 ____D C:\ProgramData\Ashampoo
2015-11-01 16:44 - 2015-11-01 22:19 - 00000000 ____D C:\Program Files (x86)\360
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Roaming\sparta111
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sparta
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Local\Sparta
2015-10-26 09:13 - 2015-10-26 09:14 - 00000000 ____D C:\Users\Simone\Desktop\nein Fotos
2015-10-20 20:26 - 2015-10-20 20:26 - 00000964 _____ C:\Users\Simone\Desktop\RegCleaner.lnk
2015-10-20 20:26 - 2015-10-20 20:26 - 00000000 ____D C:\Program Files (x86)\RegCleaner
2015-10-20 19:56 - 2015-10-20 19:56 - 00002106 _____ C:\Users\Public\Desktop\AutoCAD 2016 - Deutsch (German).lnk
2015-10-20 19:48 - 2015-11-11 20:26 - 00000000 ____D C:\Program Files (x86)\Autodesk
2015-10-20 19:43 - 2015-11-11 20:26 - 00000000 ____D C:\Program Files\Autodesk
2015-10-20 19:42 - 2015-11-11 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-20 18:37 - 2015-10-20 18:37 - 00000000 ____D C:\Program Files (x86)\Launch Manager
2015-10-20 18:24 - 2015-10-20 19:55 - 00000000 ____D C:\Autodesk
2015-10-20 16:19 - 2015-10-20 20:05 - 00000000 ____D C:\ProgramData\Autodesk
2015-10-19 22:01 - 2015-10-19 22:01 - 00000000 ____D C:\ProgramData\FARO
2015-10-19 21:57 - 2015-10-19 21:57 - 00000000 ____D C:\Users\Simone\Documents\Inventor Server SDK ACAD 2016
2015-10-19 21:56 - 2015-10-19 21:56 - 00000133 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-19 20:53 - 2015-10-19 21:03 - 00001531 _____ C:\Windows\SysWOW64\debug.log
2015-10-18 16:05 - 2015-10-18 16:16 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Grasshopper
2015-10-18 15:59 - 2015-10-18 15:59 - 00000000 ____D C:\Users\Simone\AppData\Local\3dmouse
2015-10-18 15:58 - 2015-10-18 15:58 - 00000000 ____D C:\Users\Simone\AppData\Roaming\McNeel
2015-10-18 15:58 - 2015-10-18 15:58 - 00000000 ____D C:\Users\Simone\AppData\Local\McNeel
2015-10-18 15:57 - 2015-10-18 15:58 - 00000000 ____D C:\ProgramData\McNeel
2015-10-18 15:57 - 2015-10-18 15:57 - 00001088 _____ C:\Users\Public\Desktop\Rhinoceros 5 (64-bit).lnk
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\Program Files\Rhinoceros 5 (64-bit)
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\Program Files (x86)\McNeelUpdate
2015-10-18 15:31 - 2015-10-18 15:31 - 00000000 ____D C:\Users\Simone\AppData\Roaming\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\Program Files\WinRAR
2015-10-18 12:56 - 2015-10-18 13:03 - 00000000 ____D C:\rhinos

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-15 18:33 - 2015-07-31 21:29 - 00000000 ____D C:\Users\Simone\AppData\Local\CrashDumps
2015-11-15 18:33 - 2015-07-31 17:23 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-15 18:33 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-15 18:33 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-15 18:32 - 2015-07-31 07:47 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-11-15 18:32 - 2015-07-31 07:47 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-11-15 18:32 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-15 18:28 - 2015-07-30 21:52 - 01573558 _____ C:\Windows\WindowsUpdate.log
2015-11-15 18:27 - 2015-07-31 19:48 - 00006469 _____ C:\Windows\SysWOW64\Gms.log
2015-11-15 18:26 - 2015-08-03 12:49 - 00000000 ____D C:\Users\Simone\AppData\Local\Adobe
2015-11-15 18:25 - 2015-08-03 13:08 - 00000000 ___RD C:\Users\Simone\Dropbox
2015-11-15 18:25 - 2015-08-03 13:05 - 00000000 ____D C:\Users\Simone\AppData\Local\Dropbox
2015-11-15 18:24 - 2015-08-03 13:06 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-15 18:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-15 18:24 - 2009-07-14 05:51 - 00068630 _____ C:\Windows\setupact.log
2015-11-15 18:23 - 2015-07-31 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-15 18:23 - 2015-07-30 21:56 - 00001106 _____ C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-15 18:11 - 2015-08-03 13:06 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-15 17:58 - 2015-08-03 17:38 - 00000646 _____ C:\Windows\Tasks\WebContent AutoUpdate 2014.job
2015-11-15 17:57 - 2015-07-31 17:43 - 17256826 _____ C:\Windows\PFRO.log
2015-11-15 13:45 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-15 13:18 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2015-11-15 13:12 - 2009-07-14 03:34 - 20709376 _____ C:\Windows\system32\config\SYSTEM.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 115605504 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 05505024 _____ C:\Windows\system32\config\DEFAULT.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-11-15 11:44 - 2015-07-31 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-11-15 11:44 - 2015-07-31 21:28 - 00000000 ____D C:\Program Files (x86)\Epson Software
2015-11-14 11:22 - 2015-07-30 21:56 - 00000000 ____D C:\Users\Simone
2015-11-14 10:22 - 2009-07-14 05:45 - 00549576 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-14 01:44 - 2015-07-31 17:54 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-13 17:45 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-11-13 10:28 - 2015-07-31 21:11 - 00000000 ____D C:\Users\Simone\AppData\Roaming\vlc
2015-11-12 15:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 20:05 - 2015-07-31 17:39 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 20:00 - 2015-07-31 17:39 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 19:59 - 2015-08-09 11:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 19:59 - 2015-08-01 23:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 19:45 - 2009-07-14 08:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 19:45 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-11-11 00:02 - 2015-07-31 17:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-11 00:02 - 2015-07-31 17:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-11 00:02 - 2015-07-31 17:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-09 22:32 - 2015-08-03 13:06 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-05 15:48 - 2015-08-01 23:00 - 00000000 ____D C:\Users\Simone\AppData\Local\Microsoft Help
2015-11-05 15:47 - 2015-09-10 07:41 - 00000000 ____D C:\$Windows.~BT
2015-11-04 19:14 - 2015-08-03 12:49 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Adobe
2015-11-04 19:11 - 2015-08-03 12:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-04 19:09 - 2015-08-03 12:48 - 00000000 ____D C:\ProgramData\Adobe
2015-11-04 19:04 - 2015-07-31 18:22 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-04 18:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-03 20:31 - 2015-08-12 16:52 - 00001386 _____ C:\Users\Public\Desktop\EPSON-Handbücher.lnk
2015-11-02 21:16 - 2015-07-31 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-11-02 21:14 - 2015-07-31 21:22 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-11-02 21:13 - 2015-07-31 21:22 - 00000000 ____D C:\ProgramData\EPSON
2015-11-02 21:12 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-11-01 22:28 - 2015-08-03 17:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 18:44 - 2015-07-31 21:41 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Epson
2015-10-25 16:37 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-21 21:32 - 2015-08-04 11:35 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-10-20 20:01 - 2015-08-04 11:40 - 00000000 ____D C:\Users\Simone\Documents\Autodesk Application Manager
2015-10-20 19:47 - 2015-07-31 16:42 - 00156568 _____ C:\Users\Simone\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-20 19:46 - 2015-08-04 21:01 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2015-10-20 19:46 - 2015-08-04 10:55 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Autodesk
2015-10-20 19:42 - 2015-08-02 21:52 - 00016966 _____ C:\Windows\DirectX.log
2015-10-20 18:37 - 2015-08-02 23:07 - 00000184 _____ C:\Windows\LMv4.UNI
2015-10-19 22:07 - 2015-08-04 11:37 - 00000000 ____D C:\Users\Simone\AppData\Local\Autodesk
2015-10-16 16:17 - 2015-08-03 12:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-16 09:30 - 2015-07-31 17:42 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-16 09:30 - 2015-07-31 17:42 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-16 09:25 - 2015-08-03 15:45 - 00000000 ____D C:\Users\Simone\.maplesoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-09 21:10 - 2015-08-09 21:10 - 0000000 _____ () C:\Users\Simone\AppData\Roaming\EP-Compare-File-List.txt
2015-07-31 17:38 - 2015-07-31 17:38 - 0000000 _____ () C:\Users\Simone\AppData\Roaming\gdfw.log
2015-07-31 17:38 - 2015-07-31 17:38 - 0000779 _____ () C:\Users\Simone\AppData\Roaming\gdscan.log
2015-07-31 18:12 - 2015-07-31 18:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-04 11:37 - 2015-08-04 11:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-10-19 21:56 - 2015-10-19 21:56 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\Simone\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzxhk_f.dll
C:\Users\Simone\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 11:56

==================== Ende von FRST.txt ============================
         

15.11.2015, 18:45   #9
SimoneW
 

and a fresh FRST.txt:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Simone (Administrator) auf SIMONE-PC (15-11-2015 18:38:51)
Gestartet von C:\Users\Simone\Desktop
Geladene Profile: Simone (Verfügbare Profile: Simone)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\GUI\GDSC.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-08-26] (Geek Software GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-01-19] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Policies\Explorer: [] 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F9667D8B-BE2A-4987-91C3-25554B84692C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4133458633-780925660-3275413234-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)

Chrome: 
=======
CHR StartupUrls: Profile 2 -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-31]
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-31]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-31]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-31]
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-06]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-06]
CHR Extension: (Adguard Werbeblocker) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-06]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-07]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-06]
CHR Extension: (EasyCalendar) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-06]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-06]
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-13]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-13]
CHR Extension: (Popup Blocker Pro) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kiodaajmphnkcajieajajinghpejdjai [2015-11-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-13]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1136520 2015-09-07] (Autodesk Inc.)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
S2 AllplanUpdateLauncher 2014; C:\Program Files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe [16680 2014-05-24] (Nemetschek Allplan Systems GmbH)
S2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [309376 2015-01-30] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2528888 2015-04-16] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-03] (Dropbox, Inc.)
S2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
S2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-27] (SafeNet Inc.)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-09-13] (Robert McNeel & Associates)
S2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-07-31] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-07-31] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-07-31] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-07-31] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-07-31] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-08-02] (G Data Software)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-07-31] (G Data Software AG)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2013-12-05] (Paragon Software Group)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-15] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvpciflt; \SystemRoot\system32\DRIVERS\nvpciflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-15 18:35 - 2015-11-15 18:35 - 00001272 _____ C:\Users\Simone\Desktop\JRT.txt
2015-11-15 18:31 - 2015-10-05 23:26 - 01801288 _____ (Malwarebytes) C:\Users\Simone\Desktop\JRT.exe
2015-11-15 18:30 - 2015-11-15 18:30 - 01798976 _____ (Malwarebytes) C:\Users\Simone\Downloads\JRT.exe
2015-11-15 18:25 - 2015-11-15 18:25 - 00004598 _____ C:\Users\Simone\Desktop\AdwCleaner[C1].txt
2015-11-15 18:10 - 2015-11-15 18:10 - 01732096 _____ C:\Users\Simone\Downloads\adwcleaner_5.021.exe
2015-11-15 18:05 - 2015-11-15 18:05 - 00035661 _____ C:\Users\Simone\Desktop\mbam.txt
2015-11-15 17:38 - 2015-11-15 18:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-15 17:38 - 2015-11-15 17:38 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-15 17:38 - 2015-11-15 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-15 17:38 - 2015-11-15 17:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-15 17:38 - 2015-11-15 17:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-15 17:38 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-15 17:38 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-15 17:38 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-15 13:49 - 2015-11-15 13:49 - 00037517 _____ C:\ComboFix.txt
2015-11-15 13:01 - 2015-11-15 13:49 - 00000000 ____D C:\Qoobox
2015-11-15 13:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-15 13:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-15 13:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-15 11:49 - 2015-11-15 13:16 - 00000000 ____D C:\Windows\erdnt
2015-11-15 11:45 - 2015-11-15 11:45 - 05637834 ____R (Swearware) C:\Users\Simone\Desktop\ComboFix.exe
2015-11-15 11:24 - 2015-11-15 11:24 - 00001270 _____ C:\Users\Simone\Desktop\Revo Uninstaller.lnk
2015-11-15 11:24 - 2015-11-15 11:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-14 11:28 - 2015-11-14 11:30 - 00053462 _____ C:\Users\Simone\Desktop\Addition.txt
2015-11-14 11:27 - 2015-11-15 18:38 - 00027717 _____ C:\Users\Simone\Desktop\FRST.txt
2015-11-14 11:25 - 2015-11-15 18:38 - 00000000 ____D C:\FRST
2015-11-14 11:24 - 2015-11-14 11:24 - 02198528 _____ (Farbar) C:\Users\Simone\Desktop\FRST64.exe
2015-11-14 11:22 - 2015-11-14 11:22 - 00000000 _____ C:\Users\Simone\defogger_reenable
2015-11-14 00:41 - 2015-11-14 00:41 - 00000085 _____ C:\Windows\wininit.ini
2015-11-14 00:33 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20151114-003354.backup
2015-11-14 00:25 - 2015-11-14 00:25 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-14 00:17 - 2015-11-14 00:41 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-11-14 00:17 - 2015-11-14 00:17 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-11-13 21:08 - 2015-11-13 21:08 - 00003174 _____ C:\Windows\System32\Tasks\{75E8A2F2-E9BC-46BC-BE92-2D693A7F8AF2}
2015-11-13 21:07 - 2015-11-13 21:07 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Macromedia
2015-11-13 19:44 - 2015-11-13 19:44 - 00000000 ____D C:\found.000
2015-11-13 10:31 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 15:01 - 2015-11-12 15:01 - 00262144 ____N C:\Windows\Minidump\111215-11185-01.dmp
2015-11-12 15:01 - 2015-11-12 15:01 - 00000000 ____D C:\Windows\Minidump
2015-11-12 08:30 - 2015-11-12 08:30 - 00001112 _____ C:\Users\Public\Desktop\EnerCalC.lnk
2015-11-12 08:30 - 2015-11-12 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnerCalC
2015-11-12 08:30 - 2015-11-12 08:30 - 00000000 ____D C:\Program Files (x86)\EnerCalC
2015-11-11 19:02 - 2015-11-15 18:23 - 00000000 ____D C:\AdwCleaner
2015-11-11 18:24 - 2015-11-11 18:24 - 00000000 _____ C:\Windows\setuperr.log
2015-11-11 17:41 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 17:41 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 17:41 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 17:41 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 17:41 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 17:41 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 17:41 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 17:41 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 17:41 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 17:41 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 17:41 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 17:41 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 17:41 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 17:41 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 17:41 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 17:41 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 17:41 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 17:41 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 17:41 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll.vir
2015-11-11 17:41 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 17:41 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll.vir
2015-11-11 17:41 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 17:41 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll.vir
2015-11-11 17:41 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 17:41 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 17:41 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 17:41 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 17:41 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 17:41 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 17:41 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 17:41 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll.vir
2015-11-11 17:41 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll.vir
2015-11-11 17:41 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 17:41 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 17:41 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 17:41 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 17:41 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 17:41 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 17:41 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 17:41 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 17:41 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 17:41 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 17:41 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 17:41 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 17:41 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 17:41 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 17:41 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 17:41 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 17:41 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 17:41 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 17:41 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 17:41 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 17:41 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 17:40 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 17:40 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 17:40 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 17:40 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 17:40 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 17:40 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 17:40 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 17:40 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 17:40 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 17:40 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 17:40 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 17:40 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 17:40 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 17:40 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 17:40 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 17:40 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 17:40 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 17:40 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 17:40 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 17:40 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 17:40 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 17:40 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 17:40 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 17:40 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 17:40 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 17:40 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 17:40 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 17:40 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 17:40 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 17:40 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 17:40 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 17:39 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 17:39 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 17:39 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 17:39 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 17:39 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 17:39 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 17:39 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 17:39 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 17:39 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 15:42 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-11-10 15:42 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-11-09 22:32 - 2015-11-09 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-06 19:48 - 2015-11-06 19:48 - 00000000 _____ C:\autoexec.bat
2015-11-05 15:22 - 2015-11-05 15:22 - 00000000 ____D C:\Users\Simone\AppData\Roaming\PDAppFlex
2015-11-05 15:21 - 2015-11-05 15:21 - 00003506 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Simone-PC-Simone
2015-11-04 19:14 - 2015-11-04 19:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-11-04 19:09 - 2015-11-04 19:09 - 00001034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk
2015-11-04 19:04 - 2015-11-04 19:11 - 00000000 ____D C:\Program Files\Adobe
2015-11-04 19:03 - 2015-11-04 19:09 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-04 18:57 - 2015-11-15 18:26 - 00000000 ___RD C:\Users\Simone\Creative Cloud Files
2015-11-04 18:54 - 2015-11-04 18:54 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-04 18:54 - 2015-11-04 18:54 - 00001215 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-11-03 23:21 - 2015-11-15 18:21 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
2015-11-03 23:21 - 2015-11-15 18:21 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
2015-11-03 23:21 - 2015-11-03 23:21 - 00003978 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}
2015-11-03 23:21 - 2015-11-03 23:21 - 00003792 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}
2015-11-03 18:48 - 2015-11-03 19:25 - 00000000 ____D C:\Windows\Panther
2015-11-03 18:47 - 2015-11-15 17:47 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
2015-11-03 18:47 - 2015-11-15 17:47 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
2015-11-03 18:47 - 2015-11-03 18:47 - 00003978 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}
2015-11-03 18:47 - 2015-11-03 18:47 - 00003792 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}
2015-11-02 21:15 - 2015-11-02 21:15 - 00000123 _____ C:\Users\Public\Desktop\Epson Connect Site.url
2015-11-01 22:14 - 2015-11-01 22:14 - 00000052 _____ C:\Users\Simone\Desktop\11.txt
2015-11-01 17:58 - 2015-11-01 18:08 - 00000000 ____D C:\Users\Simone\AppData\Roaming\FFSJ
2015-11-01 16:51 - 2015-11-15 18:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-01 16:46 - 2015-11-01 16:46 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Ashampoo
2015-11-01 16:46 - 2015-11-01 16:46 - 00000000 ____D C:\Users\Simone\AppData\Local\ashampoo
2015-11-01 16:45 - 2015-11-01 16:46 - 00000000 ____D C:\ProgramData\Ashampoo
2015-11-01 16:44 - 2015-11-01 22:19 - 00000000 ____D C:\Program Files (x86)\360
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Roaming\sparta111
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sparta
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Local\Sparta
2015-10-26 09:13 - 2015-10-26 09:14 - 00000000 ____D C:\Users\Simone\Desktop\nein Fotos
2015-10-20 20:26 - 2015-10-20 20:26 - 00000964 _____ C:\Users\Simone\Desktop\RegCleaner.lnk
2015-10-20 20:26 - 2015-10-20 20:26 - 00000000 ____D C:\Program Files (x86)\RegCleaner
2015-10-20 19:56 - 2015-10-20 19:56 - 00002106 _____ C:\Users\Public\Desktop\AutoCAD 2016 - Deutsch (German).lnk
2015-10-20 19:48 - 2015-11-11 20:26 - 00000000 ____D C:\Program Files (x86)\Autodesk
2015-10-20 19:43 - 2015-11-11 20:26 - 00000000 ____D C:\Program Files\Autodesk
2015-10-20 19:42 - 2015-11-11 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-20 18:37 - 2015-10-20 18:37 - 00000000 ____D C:\Program Files (x86)\Launch Manager
2015-10-20 18:24 - 2015-10-20 19:55 - 00000000 ____D C:\Autodesk
2015-10-20 16:19 - 2015-10-20 20:05 - 00000000 ____D C:\ProgramData\Autodesk
2015-10-19 22:01 - 2015-10-19 22:01 - 00000000 ____D C:\ProgramData\FARO
2015-10-19 21:57 - 2015-10-19 21:57 - 00000000 ____D C:\Users\Simone\Documents\Inventor Server SDK ACAD 2016
2015-10-19 21:56 - 2015-10-19 21:56 - 00000133 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-19 20:53 - 2015-10-19 21:03 - 00001531 _____ C:\Windows\SysWOW64\debug.log
2015-10-18 16:05 - 2015-10-18 16:16 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Grasshopper
2015-10-18 15:59 - 2015-10-18 15:59 - 00000000 ____D C:\Users\Simone\AppData\Local\3dmouse
2015-10-18 15:58 - 2015-10-18 15:58 - 00000000 ____D C:\Users\Simone\AppData\Roaming\McNeel
2015-10-18 15:58 - 2015-10-18 15:58 - 00000000 ____D C:\Users\Simone\AppData\Local\McNeel
2015-10-18 15:57 - 2015-10-18 15:58 - 00000000 ____D C:\ProgramData\McNeel
2015-10-18 15:57 - 2015-10-18 15:57 - 00001088 _____ C:\Users\Public\Desktop\Rhinoceros 5 (64-bit).lnk
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\Program Files\Rhinoceros 5 (64-bit)
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\Program Files (x86)\McNeelUpdate
2015-10-18 15:31 - 2015-10-18 15:31 - 00000000 ____D C:\Users\Simone\AppData\Roaming\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\Program Files\WinRAR
2015-10-18 12:56 - 2015-10-18 13:03 - 00000000 ____D C:\rhinos

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-15 18:33 - 2015-07-31 21:29 - 00000000 ____D C:\Users\Simone\AppData\Local\CrashDumps
2015-11-15 18:33 - 2015-07-31 17:23 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-15 18:33 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-15 18:33 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-15 18:32 - 2015-07-31 07:47 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-11-15 18:32 - 2015-07-31 07:47 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-11-15 18:32 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-15 18:28 - 2015-07-30 21:52 - 01573558 _____ C:\Windows\WindowsUpdate.log
2015-11-15 18:27 - 2015-07-31 19:48 - 00006469 _____ C:\Windows\SysWOW64\Gms.log
2015-11-15 18:26 - 2015-08-03 12:49 - 00000000 ____D C:\Users\Simone\AppData\Local\Adobe
2015-11-15 18:25 - 2015-08-03 13:08 - 00000000 ___RD C:\Users\Simone\Dropbox
2015-11-15 18:25 - 2015-08-03 13:05 - 00000000 ____D C:\Users\Simone\AppData\Local\Dropbox
2015-11-15 18:24 - 2015-08-03 13:06 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-15 18:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-15 18:24 - 2009-07-14 05:51 - 00068630 _____ C:\Windows\setupact.log
2015-11-15 18:23 - 2015-07-31 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-15 18:23 - 2015-07-30 21:56 - 00001106 _____ C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-15 18:11 - 2015-08-03 13:06 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-15 17:58 - 2015-08-03 17:38 - 00000646 _____ C:\Windows\Tasks\WebContent AutoUpdate 2014.job
2015-11-15 17:57 - 2015-07-31 17:43 - 17256826 _____ C:\Windows\PFRO.log
2015-11-15 13:45 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-15 13:18 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2015-11-15 13:12 - 2009-07-14 03:34 - 20709376 _____ C:\Windows\system32\config\SYSTEM.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 115605504 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 05505024 _____ C:\Windows\system32\config\DEFAULT.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-11-15 11:44 - 2015-07-31 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-11-15 11:44 - 2015-07-31 21:28 - 00000000 ____D C:\Program Files (x86)\Epson Software
2015-11-14 11:22 - 2015-07-30 21:56 - 00000000 ____D C:\Users\Simone
2015-11-14 10:22 - 2009-07-14 05:45 - 00549576 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-14 01:44 - 2015-07-31 17:54 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-13 17:45 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-11-13 10:28 - 2015-07-31 21:11 - 00000000 ____D C:\Users\Simone\AppData\Roaming\vlc
2015-11-12 15:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 20:05 - 2015-07-31 17:39 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 20:00 - 2015-07-31 17:39 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 19:59 - 2015-08-09 11:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 19:59 - 2015-08-01 23:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 19:45 - 2009-07-14 08:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 19:45 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-11-11 00:02 - 2015-07-31 17:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-11 00:02 - 2015-07-31 17:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-11 00:02 - 2015-07-31 17:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-09 22:32 - 2015-08-03 13:06 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-05 15:48 - 2015-08-01 23:00 - 00000000 ____D C:\Users\Simone\AppData\Local\Microsoft Help
2015-11-05 15:47 - 2015-09-10 07:41 - 00000000 ____D C:\$Windows.~BT
2015-11-04 19:14 - 2015-08-03 12:49 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Adobe
2015-11-04 19:11 - 2015-08-03 12:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-04 19:09 - 2015-08-03 12:48 - 00000000 ____D C:\ProgramData\Adobe
2015-11-04 19:04 - 2015-07-31 18:22 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-04 18:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-03 20:31 - 2015-08-12 16:52 - 00001386 _____ C:\Users\Public\Desktop\EPSON-Handbücher.lnk
2015-11-02 21:16 - 2015-07-31 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-11-02 21:14 - 2015-07-31 21:22 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-11-02 21:13 - 2015-07-31 21:22 - 00000000 ____D C:\ProgramData\EPSON
2015-11-02 21:12 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-11-01 22:28 - 2015-08-03 17:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 18:44 - 2015-07-31 21:41 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Epson
2015-10-25 16:37 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-21 21:32 - 2015-08-04 11:35 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-10-20 20:01 - 2015-08-04 11:40 - 00000000 ____D C:\Users\Simone\Documents\Autodesk Application Manager
2015-10-20 19:47 - 2015-07-31 16:42 - 00156568 _____ C:\Users\Simone\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-20 19:46 - 2015-08-04 21:01 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2015-10-20 19:46 - 2015-08-04 10:55 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Autodesk
2015-10-20 19:42 - 2015-08-02 21:52 - 00016966 _____ C:\Windows\DirectX.log
2015-10-20 18:37 - 2015-08-02 23:07 - 00000184 _____ C:\Windows\LMv4.UNI
2015-10-19 22:07 - 2015-08-04 11:37 - 00000000 ____D C:\Users\Simone\AppData\Local\Autodesk
2015-10-16 16:17 - 2015-08-03 12:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-16 09:30 - 2015-07-31 17:42 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-16 09:30 - 2015-07-31 17:42 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-16 09:25 - 2015-08-03 15:45 - 00000000 ____D C:\Users\Simone\.maplesoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-09 21:10 - 2015-08-09 21:10 - 0000000 _____ () C:\Users\Simone\AppData\Roaming\EP-Compare-File-List.txt
2015-07-31 17:38 - 2015-07-31 17:38 - 0000000 _____ () C:\Users\Simone\AppData\Roaming\gdfw.log
2015-07-31 17:38 - 2015-07-31 17:38 - 0000779 _____ () C:\Users\Simone\AppData\Roaming\gdscan.log
2015-07-31 18:12 - 2015-07-31 18:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-04 11:37 - 2015-08-04 11:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-10-19 21:56 - 2015-10-19 21:56 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\Simone\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzxhk_f.dll
C:\Users\Simone\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 11:56

==================== Ende von FRST.txt ============================
         

16.11.2015, 00:35   #10
schrauber
/// the machine
/// TB trainer
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

16.11.2015, 15:11   #11
SimoneW
 



ESET log.txt

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=097e019af1be874c906c2ecabf82b6d9
# end=init
# utc_time=2015-11-16 11:18:19
# local_time=2015-11-16 12:18:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26743
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=097e019af1be874c906c2ecabf82b6d9
# end=updated
# utc_time=2015-11-16 11:21:07
# local_time=2015-11-16 12:21:07 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=097e019af1be874c906c2ecabf82b6d9
# engine=26743
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-16 01:38:32
# local_time=2015-11-16 02:38:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9002976 199310962 0 0
# scanned=308097
# found=2
# cleaned=0
# scan_time=8245
sh=A5BE0C1A6877CFECACE44C10F7A77AE1925F9292 ft=1 fh=5b8d6bde69b054c1 vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Simone\AppData\Local\Sparta\TaskScheduler.dll"
sh=AF319CD0F9FF44033BFCE0F64E4A1358608CDB4C ft=0 fh=0000000000000000 vn="Win32/Adware.Hicosmea.I Anwendung" ac=I fn="C:\Windows\Installer\5dc99.msi"
         
checkup.txt

Code:
 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
G DATA INTERNET SECURITY CBE   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 AVG PC TuneUp 2015  
 AVG PC TuneUp 2015 (de-DE) 
 AVG PC TuneUp 2015  
 Adobe Reader XI  
 Google Chrome (46.0.2490.80) 
 Google Chrome (46.0.2490.86) 
````````Process Check: objlist.exe by Laurent````````  
 G DATA InternetSecurity Firewall GDFirewallTray.exe 
 G DATA InternetSecurity Firewall GDFwSvcx64.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST.txt

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Simone (Administrator) auf SIMONE-PC (16-11-2015 15:04:26)
Gestartet von C:\Users\Simone\Desktop
Geladene Profile: Simone (Verfügbare Profile: Simone)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKAE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKAE.EXE
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Nemetschek Allplan Systems GmbH) C:\Program Files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Nemetschek Allplan Systems GmbH) C:\Program Files\Nemetschek\Allplan_1\Prg\Allplan_2014.exe
(Nemetschek Allplan Systems GmbH) C:\Program Files\Nemetschek\Allplan_1\Prg\AllplanUpdCheck.exe
(Nemetschek Allplan GmbH) C:\Program Files\Nemetschek\Allplan_1\Prg\nemvfp_interpreter.exe
(Nemetschek Allplan Systems GmbH) C:\Program Files\Nemetschek\Allplan_1\Prg\NemDownloadHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13763800 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-07-31] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-06-01] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-08-26] (Geek Software GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065968 2015-07-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-01-19] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe,C:\Program Files (x86)\G DATA\InternetSecurity\AVKKid\AVKCKS.exe,
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\...\Policies\Explorer: [] 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EF939710-3B0D-4BCA-8F15-202A209ECF0F}: [NameServer] 194.95.79.72,194.95.79.77
Tcpip\..\Interfaces\{F9667D8B-BE2A-4987-91C3-25554B84692C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4133458633-780925660-3275413234-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4133458633-780925660-3275413234-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)

Chrome: 
=======
CHR StartupUrls: Profile 2 -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-31]
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-31]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-31]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-31]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-31]
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-06]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-06]
CHR Extension: (Adguard Werbeblocker) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-06]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-07]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-06]
CHR Extension: (EasyCalendar) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk [2015-11-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-06]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-06]
CHR Profile: C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-13]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (Google Docs Offline) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-13]
CHR Extension: (Popup Blocker Pro) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kiodaajmphnkcajieajajinghpejdjai [2015-11-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-13]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-13]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1136520 2015-09-07] (Autodesk Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 AllplanUpdateLauncher 2014; C:\Program Files\Nemetschek\AllplanUpdateLauncher 2014\AllplanUpdateLauncher.exe [16680 2014-05-24] (Nemetschek Allplan Systems GmbH)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [309376 2015-01-30] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2528888 2015-04-16] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3672560 2015-04-07] (G Data Software AG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-03] (Dropbox, Inc.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-27] (SafeNet Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-09-13] (Robert McNeel & Associates)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-07-31] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-07-31] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-07-31] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [75776 2015-07-31] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64512 2015-07-31] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2015-08-02] (G Data Software)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-07-31] (G Data Software AG)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2013-12-05] (Paragon Software Group)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
R3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S4 nvpciflt; \SystemRoot\system32\DRIVERS\nvpciflt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-16 15:04 - 2015-11-16 15:04 - 00031321 _____ C:\Users\Simone\Desktop\FRST.txt
2015-11-16 14:59 - 2015-11-16 14:59 - 00852720 _____ C:\Users\Simone\Desktop\SecurityCheck.exe
2015-11-15 17:38 - 2015-11-15 17:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-15 13:49 - 2015-11-15 13:49 - 00037517 _____ C:\ComboFix.txt
2015-11-15 13:01 - 2015-11-15 13:49 - 00000000 ____D C:\Qoobox
2015-11-15 13:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-15 13:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-15 13:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-15 13:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-15 11:49 - 2015-11-15 13:16 - 00000000 ____D C:\Windows\erdnt
2015-11-15 11:24 - 2015-11-16 14:54 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-14 11:25 - 2015-11-16 15:04 - 00000000 ____D C:\FRST
2015-11-14 11:24 - 2015-11-14 11:24 - 02198528 _____ (Farbar) C:\Users\Simone\Desktop\FRST64.exe
2015-11-14 11:22 - 2015-11-14 11:22 - 00000000 _____ C:\Users\Simone\defogger_reenable
2015-11-14 00:41 - 2015-11-14 00:41 - 00000085 _____ C:\Windows\wininit.ini
2015-11-14 00:33 - 2009-06-10 22:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20151114-003354.backup
2015-11-14 00:25 - 2015-11-14 00:25 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-14 00:17 - 2015-11-14 00:41 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-11-14 00:17 - 2015-11-14 00:17 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-11-13 21:08 - 2015-11-13 21:08 - 00003174 _____ C:\Windows\System32\Tasks\{75E8A2F2-E9BC-46BC-BE92-2D693A7F8AF2}
2015-11-13 21:07 - 2015-11-13 21:07 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Macromedia
2015-11-13 19:44 - 2015-11-13 19:44 - 00000000 ____D C:\found.000
2015-11-13 10:31 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 15:01 - 2015-11-12 15:01 - 00262144 ____N C:\Windows\Minidump\111215-11185-01.dmp
2015-11-12 15:01 - 2015-11-12 15:01 - 00000000 ____D C:\Windows\Minidump
2015-11-12 08:30 - 2015-11-12 08:30 - 00001112 _____ C:\Users\Public\Desktop\EnerCalC.lnk
2015-11-12 08:30 - 2015-11-12 08:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnerCalC
2015-11-12 08:30 - 2015-11-12 08:30 - 00000000 ____D C:\Program Files (x86)\EnerCalC
2015-11-11 19:02 - 2015-11-15 18:23 - 00000000 ____D C:\AdwCleaner
2015-11-11 18:24 - 2015-11-11 18:24 - 00000000 _____ C:\Windows\setuperr.log
2015-11-11 17:41 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 17:41 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 17:41 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 17:41 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 17:41 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 17:41 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 17:41 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 17:41 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 17:41 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 17:41 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 17:41 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 17:41 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 17:41 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 17:41 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 17:41 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 17:41 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 17:41 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 17:41 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 17:41 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 17:41 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll.vir
2015-11-11 17:41 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 17:41 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll.vir
2015-11-11 17:41 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 17:41 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll.vir
2015-11-11 17:41 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 17:41 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 17:41 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 17:41 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 17:41 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 17:41 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 17:41 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 17:41 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 17:41 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll.vir
2015-11-11 17:41 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll.vir
2015-11-11 17:41 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 17:41 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 17:41 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 17:41 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 17:41 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 17:41 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 17:41 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 17:41 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 17:41 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 17:41 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 17:41 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 17:41 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 17:41 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 17:41 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 17:41 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 17:41 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 17:41 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 17:41 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 17:41 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 17:41 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 17:41 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 17:41 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 17:41 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 17:40 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 17:40 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 17:40 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 17:40 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 17:40 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 17:40 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 17:40 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 17:40 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 17:40 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 17:40 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 17:40 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 17:40 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 17:40 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 17:40 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 17:40 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 17:40 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 17:40 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 17:40 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 17:40 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 17:40 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 17:40 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 17:40 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 17:40 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 17:40 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 17:40 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 17:40 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 17:40 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 17:40 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 17:40 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 17:40 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 17:40 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 17:40 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 17:40 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 17:40 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 17:40 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 17:40 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 17:40 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 17:39 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 17:39 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 17:39 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 17:39 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 17:39 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 17:39 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 17:39 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 17:39 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 17:39 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 17:39 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 15:42 - 2015-08-11 05:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-11-10 15:42 - 2015-08-11 05:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-11-09 22:32 - 2015-11-09 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-06 19:48 - 2015-11-06 19:48 - 00000000 _____ C:\autoexec.bat
2015-11-05 15:22 - 2015-11-05 15:22 - 00000000 ____D C:\Users\Simone\AppData\Roaming\PDAppFlex
2015-11-05 15:21 - 2015-11-05 15:21 - 00003506 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Simone-PC-Simone
2015-11-04 19:14 - 2015-11-04 19:14 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-11-04 19:09 - 2015-11-04 19:09 - 00001034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk
2015-11-04 19:04 - 2015-11-04 19:11 - 00000000 ____D C:\Program Files\Adobe
2015-11-04 19:03 - 2015-11-04 19:09 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-04 18:57 - 2015-11-15 18:26 - 00000000 ___RD C:\Users\Simone\Creative Cloud Files
2015-11-04 18:54 - 2015-11-04 18:54 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-04 18:54 - 2015-11-04 18:54 - 00001215 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-11-03 23:21 - 2015-11-16 14:21 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
2015-11-03 23:21 - 2015-11-16 14:21 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}.job
2015-11-03 23:21 - 2015-11-03 23:21 - 00003978 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Update {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}
2015-11-03 23:21 - 2015-11-03 23:21 - 00003792 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Invitation {D7B3AC18-0A64-433B-A8D5-66367A39D7C5}
2015-11-03 18:48 - 2015-11-03 19:25 - 00000000 ____D C:\Windows\Panther
2015-11-03 18:47 - 2015-11-16 14:47 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
2015-11-03 18:47 - 2015-11-16 14:47 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}.job
2015-11-03 18:47 - 2015-11-03 18:47 - 00003978 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Update {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}
2015-11-03 18:47 - 2015-11-03 18:47 - 00003792 _____ C:\Windows\System32\Tasks\EPSON WF-7620 Series Invitation {9A7BB307-3A80-4CA5-8B67-78F1B5DB27ED}
2015-11-02 21:15 - 2015-11-02 21:15 - 00000123 _____ C:\Users\Public\Desktop\Epson Connect Site.url
2015-11-01 17:58 - 2015-11-01 18:08 - 00000000 ____D C:\Users\Simone\AppData\Roaming\FFSJ
2015-11-01 16:51 - 2015-11-15 18:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-01 16:46 - 2015-11-01 16:46 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Ashampoo
2015-11-01 16:46 - 2015-11-01 16:46 - 00000000 ____D C:\Users\Simone\AppData\Local\ashampoo
2015-11-01 16:45 - 2015-11-01 16:46 - 00000000 ____D C:\ProgramData\Ashampoo
2015-11-01 16:44 - 2015-11-01 22:19 - 00000000 ____D C:\Program Files (x86)\360
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Roaming\sparta111
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sparta
2015-11-01 16:44 - 2015-11-01 16:44 - 00000000 ____D C:\Users\Simone\AppData\Local\Sparta
2015-10-26 09:13 - 2015-10-26 09:14 - 00000000 ____D C:\Users\Simone\Desktop\nein Fotos
2015-10-20 20:26 - 2015-10-20 20:26 - 00000964 _____ C:\Users\Simone\Desktop\RegCleaner.lnk
2015-10-20 20:26 - 2015-10-20 20:26 - 00000000 ____D C:\Program Files (x86)\RegCleaner
2015-10-20 19:56 - 2015-10-20 19:56 - 00002106 _____ C:\Users\Public\Desktop\AutoCAD 2016 - Deutsch (German).lnk
2015-10-20 19:48 - 2015-11-11 20:26 - 00000000 ____D C:\Program Files (x86)\Autodesk
2015-10-20 19:43 - 2015-11-11 20:26 - 00000000 ____D C:\Program Files\Autodesk
2015-10-20 19:42 - 2015-11-11 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-10-20 18:37 - 2015-10-20 18:37 - 00000000 ____D C:\Program Files (x86)\Launch Manager
2015-10-20 18:24 - 2015-10-20 19:55 - 00000000 ____D C:\Autodesk
2015-10-20 16:19 - 2015-10-20 20:05 - 00000000 ____D C:\ProgramData\Autodesk
2015-10-19 22:01 - 2015-10-19 22:01 - 00000000 ____D C:\ProgramData\FARO
2015-10-19 21:57 - 2015-10-19 21:57 - 00000000 ____D C:\Users\Simone\Documents\Inventor Server SDK ACAD 2016
2015-10-19 21:56 - 2015-10-19 21:56 - 00000133 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-19 20:53 - 2015-10-19 21:03 - 00001531 _____ C:\Windows\SysWOW64\debug.log
2015-10-18 16:05 - 2015-10-18 16:16 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Grasshopper
2015-10-18 15:59 - 2015-10-18 15:59 - 00000000 ____D C:\Users\Simone\AppData\Local\3dmouse
2015-10-18 15:58 - 2015-10-18 15:58 - 00000000 ____D C:\Users\Simone\AppData\Roaming\McNeel
2015-10-18 15:58 - 2015-10-18 15:58 - 00000000 ____D C:\Users\Simone\AppData\Local\McNeel
2015-10-18 15:57 - 2015-10-18 15:58 - 00000000 ____D C:\ProgramData\McNeel
2015-10-18 15:57 - 2015-10-18 15:57 - 00001088 _____ C:\Users\Public\Desktop\Rhinoceros 5 (64-bit).lnk
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\Program Files\Rhinoceros 5 (64-bit)
2015-10-18 15:57 - 2015-10-18 15:57 - 00000000 ____D C:\Program Files (x86)\McNeelUpdate
2015-10-18 15:31 - 2015-10-18 15:31 - 00000000 ____D C:\Users\Simone\AppData\Roaming\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-18 15:30 - 2015-10-18 15:30 - 00000000 ____D C:\Program Files\WinRAR
2015-10-18 12:56 - 2015-10-18 13:03 - 00000000 ____D C:\rhinos

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-16 14:57 - 2015-08-03 17:38 - 00000646 _____ C:\Windows\Tasks\WebContent AutoUpdate 2014.job
2015-11-16 14:17 - 2015-07-30 21:52 - 01617425 _____ C:\Windows\WindowsUpdate.log
2015-11-16 14:11 - 2015-08-03 13:06 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-16 14:11 - 2015-08-03 13:06 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-16 12:19 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-16 12:19 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-16 12:16 - 2015-07-31 07:47 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-11-16 12:16 - 2015-07-31 07:47 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-11-16 12:16 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-16 12:13 - 2015-07-31 19:48 - 00006469 _____ C:\Windows\SysWOW64\Gms.log
2015-11-16 12:08 - 2015-08-03 13:08 - 00000000 ___RD C:\Users\Simone\Dropbox
2015-11-16 12:08 - 2015-08-03 13:05 - 00000000 ____D C:\Users\Simone\AppData\Local\Dropbox
2015-11-16 12:08 - 2015-07-31 21:29 - 00000000 ____D C:\Users\Simone\AppData\Local\CrashDumps
2015-11-16 12:07 - 2015-07-31 17:23 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-16 12:06 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-16 12:06 - 2009-07-14 05:51 - 00068686 _____ C:\Windows\setupact.log
2015-11-15 18:26 - 2015-08-03 12:49 - 00000000 ____D C:\Users\Simone\AppData\Local\Adobe
2015-11-15 18:23 - 2015-07-31 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-15 18:23 - 2015-07-30 21:56 - 00001106 _____ C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-15 17:57 - 2015-07-31 17:43 - 17256826 _____ C:\Windows\PFRO.log
2015-11-15 13:45 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-15 13:18 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2015-11-15 13:12 - 2009-07-14 03:34 - 20709376 _____ C:\Windows\system32\config\SYSTEM.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 115605504 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 05505024 _____ C:\Windows\system32\config\DEFAULT.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-11-15 13:12 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-11-15 11:44 - 2015-07-31 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2015-11-15 11:44 - 2015-07-31 21:28 - 00000000 ____D C:\Program Files (x86)\Epson Software
2015-11-14 11:22 - 2015-07-30 21:56 - 00000000 ____D C:\Users\Simone
2015-11-14 10:22 - 2009-07-14 05:45 - 00549576 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-14 01:44 - 2015-07-31 17:54 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-13 17:45 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-11-13 10:28 - 2015-07-31 21:11 - 00000000 ____D C:\Users\Simone\AppData\Roaming\vlc
2015-11-12 15:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 20:05 - 2015-07-31 17:39 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 20:00 - 2015-07-31 17:39 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 19:59 - 2015-08-09 11:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 19:59 - 2015-08-01 23:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 19:45 - 2009-07-14 08:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 19:45 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-11-11 00:02 - 2015-07-31 17:55 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-11 00:02 - 2015-07-31 17:55 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-11 00:02 - 2015-07-31 17:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-09 22:32 - 2015-08-03 13:06 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-05 15:48 - 2015-08-01 23:00 - 00000000 ____D C:\Users\Simone\AppData\Local\Microsoft Help
2015-11-05 15:47 - 2015-09-10 07:41 - 00000000 ____D C:\$Windows.~BT
2015-11-04 19:14 - 2015-08-03 12:49 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Adobe
2015-11-04 19:11 - 2015-08-03 12:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-04 19:09 - 2015-08-03 12:48 - 00000000 ____D C:\ProgramData\Adobe
2015-11-04 19:04 - 2015-07-31 18:22 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-04 18:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-03 20:31 - 2015-08-12 16:52 - 00001386 _____ C:\Users\Public\Desktop\EPSON-Handbücher.lnk
2015-11-02 21:16 - 2015-07-31 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-11-02 21:14 - 2015-07-31 21:22 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2015-11-02 21:13 - 2015-07-31 21:22 - 00000000 ____D C:\ProgramData\EPSON
2015-11-02 21:12 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-11-01 22:28 - 2015-08-03 17:08 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 18:44 - 2015-07-31 21:41 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Epson
2015-10-25 16:37 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-21 21:32 - 2015-08-04 11:35 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-10-20 20:01 - 2015-08-04 11:40 - 00000000 ____D C:\Users\Simone\Documents\Autodesk Application Manager
2015-10-20 19:47 - 2015-07-31 16:42 - 00156568 _____ C:\Users\Simone\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-20 19:46 - 2015-08-04 21:01 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2015-10-20 19:46 - 2015-08-04 10:55 - 00000000 ____D C:\Users\Simone\AppData\Roaming\Autodesk
2015-10-20 19:42 - 2015-08-02 21:52 - 00016966 _____ C:\Windows\DirectX.log
2015-10-20 18:37 - 2015-08-02 23:07 - 00000184 _____ C:\Windows\LMv4.UNI
2015-10-19 22:07 - 2015-08-04 11:37 - 00000000 ____D C:\Users\Simone\AppData\Local\Autodesk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-09 21:10 - 2015-08-09 21:10 - 0000000 _____ () C:\Users\Simone\AppData\Roaming\EP-Compare-File-List.txt
2015-07-31 17:38 - 2015-07-31 17:38 - 0000000 _____ () C:\Users\Simone\AppData\Roaming\gdfw.log
2015-07-31 17:38 - 2015-07-31 17:38 - 0000779 _____ () C:\Users\Simone\AppData\Roaming\gdscan.log
2015-07-31 18:12 - 2015-07-31 18:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-04 11:37 - 2015-08-04 11:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-10-19 21:56 - 2015-10-19 21:56 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\Simone\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5rgllj.dll
C:\Users\Simone\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 11:56

==================== Ende von FRST.txt ============================
         
Hello Schrauber,

Really great.. thank you so, so, so much.
The Tohotweb.com start page no longer opened.
I don't know that much about this, but I think the virus is gone. In any case, everything is running as usual now.

Once again a BIG THANK YOU, this saved me from having to set up the laptop from scratch.
Best regards, Simone

17.11.2015, 18:56   #12
schrauber
/// the machine
/// TB trainer



Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
C:\Users\Simone\AppData\Local\Sparta\TaskScheduler.dll

C:\Windows\Installer\5dc99.msi

Emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix (Entfernen) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.





Please download Farbar Service Scanner
  • Start the tool by double-clicking FSS.exe
  • Make sure the following options are checked.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory the tool was run from.

Please post the contents here.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

19.11.2015, 10:32   #13
SimoneW



Fixlog.txt:
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-11-2015
durchgeführt von Simone (2015-11-19 10:26:14) Run:1
Gestartet von C:\Users\Simone\Desktop
Geladene Profile: Simone (Verfügbare Profile: Simone)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Simone\AppData\Local\Sparta\TaskScheduler.dll  C:\Windows\Installer\5dc99.msi  Emptytemp: 
*****************

"C:\Users\Simone\AppData\Local\Sparta\TaskScheduler.dll  C:\Windows\Installer\5dc99.msi  Emptytemp:" => nicht gefunden.

==== Ende von Fixlog 10:26:14 ====
         
FSS.txt:

Code:
Farbar Service Scanner Version: 10-06-2014
Ran by Simone (administrator) on 19-11-2015 at 10:31:45
Running from "C:\Users\Simone\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
The ImagePath of RpcSs service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
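
Added example, not part of the original posts and not Farbar's own code: a small Python parser that pulls the findings a helper looks for out of an FSS.txt like the one above (policy registry values, services that are not running, start types that differ from the default). The sample text is constructed from lines of that log; `parse_fss` and `SAMPLE_FSS` are hypothetical names.

```python
import re

# Constructed sample: excerpt in the format of the FSS.txt log posted above.
SAMPLE_FSS = r'''Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.

Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

RpcSs Service is not running. Checking service configuration:
The start type of RpcSs service is OK.
'''

KEY_RE = re.compile(r'^\[(HK[^\]]+)\]$')
VALUE_RE = re.compile(r'^"([^"]+)"=DWORD:(\d+)$')
STOPPED_RE = re.compile(r'^(\S+) Service is not running\.')
START_RE = re.compile(r'^The start type of (\S+) service is set to (\w+)\. '
                      r'The default start type is (\w+)\.')

def parse_fss(text):
    """Return (policies, stopped, start_changes) found in an FSS log."""
    policies, stopped, start_changes = [], [], {}
    key = None
    for line in (l.strip() for l in text.splitlines()):
        if m := KEY_RE.match(line):
            key = m.group(1)          # registry key that the next values belong to
        elif (m := VALUE_RE.match(line)) and key:
            policies.append((key, m.group(1), int(m.group(2))))
        elif m := STOPPED_RE.match(line):
            stopped.append(m.group(1))
        elif m := START_RE.match(line):
            start_changes[m.group(1)] = (m.group(2), m.group(3))  # (current, default)
        elif not line:
            key = None                # a blank line ends the current registry block
    return policies, stopped, start_changes

if __name__ == "__main__":
    for item in parse_fss(SAMPLE_FSS):
        print(item)
```
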
         

20.11.2015, 16:32   #14
schrauber
/// the machine
/// TB trainer


Please run Windows Repair:
Repairing Windows - how it's done - guides
