Log analysis and evaluation: Panda icon changes to Inactive. Trojan etc.? (Windows 7)
#9 Panda icon changes to Inactive. Trojan etc.?

AdwCleaner (scan only, do not remove):

Code:
```
# AdwCleaner v5.025 - Bericht erstellt am 14/12/2015 um 17:28:20
# Aktualisiert am 13/12/2015 von Xplode
# Datenbank : 2015-12-13.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : admin - ADMIN-PC
# Gestartet von : D:\Anwendungen\_INSTALLIERT\AdwCleaner\adwcleaner_5.025.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.zonealarm.com

***** [ Internetbrowser ] *****

[C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\prefs.js] [Preference] Gefunden : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=DE&gu=e1e5f48cdf6946e092393bb7b6b04906&tu=10GXy00I11D33N0&sku=&tstsId=&ver=&");
[C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\prefs.js] [Preference] Gefunden : user_pref("extensions.zonealarm.lastB", "hxxp://search.zonealarm.com/?src=hp&tbid=goughGA&Lan=de&gu=31e2c0a8f8eb4fb88c95e92aac500398&tu=10GXy00BA1C01g0&sku=&tstsId=&ver=&");
[C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\prefs.js] [Preference] Gefunden : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=DE&gu=e1e5f48cdf6946e092393bb7b6b04906&tu=10GXy00I11D33N0&sku=&tstsId=&ver=&");
[C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\prefs.js] [Preference] Gefunden : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=e1e5f48cdf6946e092393bb7b6b04906&tu=10GXy00I11D33N0&sku=&tstsId=&ver=&&q=");

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2012 Bytes] ##########
```

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-12-2015 durchgeführt von admin (Administrator) auf ADMIN-PC (14-12-2015 18:15:25) Gestartet von D:\Anwendungen\_INSTALLIERT\Farbar Recovery Scan Tool FRST64 Geladene Profile: admin (Verfügbare Profile: admin) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Garmin Ltd. 
or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe () C:\Program Files (x86)\HDD Health\HDDHealthService.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe (Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe (Panda Security, S.L.) 
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Ulrich Krebs) E:\Programme\Kalender\Kalender.exe () C:\Program Files (x86)\WizMouse\WizMouse.exe (Lingo4you) C:\Program Files (x86)\LingoPad\LingoPad.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe (Learnpulse) C:\Users\admin\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Users\admin\AppData\Local\Snip\Snip.exe (Evernote) C:\Program Files (x86)\Evernote\Skitch\Skitch.exe (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (PANTERASoft) C:\Program Files (x86)\HDD Health\hddhealth.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe () C:\Program Files (x86)\Datacolor\Spyder5Pro\Utility\SpyderUtility.exe () C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe (Western Digital Technologies, Inc.) 
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (Can O' Baked Beans Creations) C:\Program Files (x86)\Alt-C\AltC.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe () C:\Program Files (x86)\ClickOff\Clickoff.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Elias Fotinis) C:\Program Files (x86)\DeskPins\DeskPins.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 15\SteganosHotKeyService.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 15\fredirstarter.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe (Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () D:\Anwendungen\_INSTALLIERT\AdwCleaner\adwcleaner_5.025.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403688 2012-06-28] (Acronis) HKLM\...\Run: [HP LaserJet 200 color MFP M276 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2011-10-09] (Hewlett-Packard Company) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5993216 2012-06-28] (Acronis) HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [1173712 2012-06-28] (Acronis) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] () HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [315478 2009-09-02] (IVT Corporation) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134792 2015-11-07] (Check Point Software Technologies Ltd.) 
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 15\SteganosHotKeyService.exe [100864 2014-02-21] (Steganos Software GmbH) HKLM-x32\...\Run: [SAFE15 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 15\fredirstarter.exe [17408 2014-02-21] (Steganos Software GmbH) HKLM-x32\...\Run: [QuickTime Task] => E:\Programme\Quicktime\QTTask.exe [421888 2015-08-06] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [Kalender] => E:\Programme\Kalender\Kalender.exe [933888 2010-03-19] (Ulrich Krebs) HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [LingoPad] => C:\Program Files (x86)\LingoPad\LingoPad.exe [1673216 2007-08-31] (Lingo4you) HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [SAFE15 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe [70656 2014-02-21] (Steganos Software GmbH) HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [PureText] => C:\Program Files (x86)\puretext20_x86\PureText.exe [28672 2009-01-27] (hxxp://www.SteveMiller.net) HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [Screenpresso] => C:\Users\admin\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [12337680 2015-12-03] (Learnpulse) HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [Snip] => C:\Users\admin\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation) HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [Skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4863296 2015-04-30] (Evernote) HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: 
[DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8538648 2015-09-22] (Binary Fortress Software) HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\MountPoints2: {38182ef5-b8c1-11e2-a6a9-806e6f6e6963} - I:\pushinst.exe HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-09] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] () Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alt-C.lnk [2015-09-17] ShortcutTarget: Alt-C.lnk -> C:\Program Files (x86)\Alt-C\AltC.exe (Can O' Baked Beans Creations) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-12-10] () Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClickOff.lnk [2015-02-20] ShortcutTarget: ClickOff.lnk -> C:\Program Files (x86)\ClickOff\Clickoff.exe () Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2013-05-20] ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-04-25] ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files 
(x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk [2013-06-16] ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-02-19] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2013-06-14] ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-14] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-01-02] ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2015-09-17] ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk [2015-05-20] ShortcutTarget: SpyderUtility.lnk -> C:\Program Files (x86)\Datacolor\Spyder5Pro\Utility\SpyderUtility.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2013-06-27] ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.) 
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{68C5188A-07A6-482C-A610-FC39FB4AE86B}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\S-1-5-21-3779362651-2884523692-4276699226-1000 -> DefaultScope {681687DE-6308-4828-8A78-11D16BE1902E} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} SearchScopes: HKU\S-1-5-21-3779362651-2884523692-4276699226-1000 -> {681687DE-6308-4828-8A78-11D16BE1902E} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-25] (Oracle Corporation) BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] () BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-25] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-25] (Oracle Corporation) BHO-x32: Evernote extension -> 
{92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-14] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-25] (Oracle Corporation) Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] () Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] () Toolbar: HKU\S-1-5-21-3779362651-2884523692-4276699226-1000 -> Kein Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - Keine Datei Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2015-08-05] (Belarc, Inc.) Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932 FF Homepage: hxxp://www.tagesspiegel.de/ hxxps://www.psd-tutorials.de/ FF NetworkProxy: "type", 4 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.) 
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-25] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-25] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> E:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> E:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> E:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems) FF Plugin HKU\S-1-5-21-3779362651-2884523692-4276699226-1000: @citrixonline.com/appdetectorplugin -> C:\Users\admin\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-09-09] (Citrix Online) FF Plugin HKU\S-1-5-21-3779362651-2884523692-4276699226-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-23] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-23] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-23] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-23] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-23] (Apple Inc.) 
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\duckduckgo.xml [2014-05-13] FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\google-images.xml [2014-12-09] FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\google-maps.xml [2014-12-09] FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\ixquick-web-suchen.undefined.undefined [2014-04-25] FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\ixquick-web-suchen.xml [2014-05-13] FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\youtube.xml [2014-05-13] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2013-09-02] FF Extension: Panda Security Toolbar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2014-11-03] [ist nicht signiert] FF Extension: FlashGot - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-05-27] FF Extension: Hide Navigation Bar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\hidenavbar@jaybaldwin.xpi [2015-05-30] FF Extension: ColorResults - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{20E2E952-0E3E-4b83-A1CE-5340C10F43A9}.xpi [2015-05-30] FF Extension: Disable Anti-Adblock - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2015-05-30] FF Extension: Textarea Cache - 
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}.xpi [2015-05-30] FF Extension: Clearly - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\readable@evernote.com.xpi [2015-05-30] FF Extension: Space Next - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df005}.xpi [2015-05-30] FF Extension: Gutscheinaffe - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2015-05-30] FF Extension: QuickJava - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2015-05-30] FF Extension: Bookmark Autohider - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\bookmarkhider@exi.name.xpi [2015-05-30] FF Extension: UnPlug - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\unplug@compunach.xpi [2015-05-30] FF Extension: Copy Plain Text 2 - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\copyplaintext@teo.pl.xpi [2015-07-29] FF Extension: Save Text Area - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{8522e648-adce-469a-8c3a-18659a6ab6e3}.xpi [2015-08-27] FF Extension: Secure Or Not - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\secureornot@tiptt.blogspot.com.xpi [2015-08-27] FF Extension: Tab Mix Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-09-02] FF Extension: ScrapBook - 
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2015-09-04] FF Extension: Download Manager (S3) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\s3download@statusbar.xpi [2015-10-28] FF Extension: WEB.DE MailCheck - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\mailcheck@web.de [2015-11-03] FF Extension: FireShot - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-11-08] FF Extension: NoScript - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-24] FF Extension: Flash and Video Download - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-11-28] FF Extension: RightToClick - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30] FF Extension: ColorfulTabs - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-12-01] FF Extension: FEBE - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-12-02] FF Extension: DownThemAll! 
- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-08] FF Extension: ImTranslator - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2015-12-08] FF Extension: WOT - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09] FF Extension: Add to Search Bar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\add-to-searchbox@maltekraus.de.xpi [2015-05-29] FF Extension: anonymoX - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\client@anonymox.net.xpi [2015-09-28] FF Extension: Cliqz - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\cliqz@cliqz.com.xpi [2015-12-10] FF Extension: YouTube Video and Audio Downloader - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-11-11] FF Extension: Ghostery - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\firefox@ghostery.com.xpi [2015-11-05] FF Extension: The Camelizer - Price Tracker - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\izer@camelcamelcamel.com.xpi [2015-08-27] FF Extension: Self-Destructing Cookies - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2015-11-21] FF Extension: Youtube AgeRestriction Unblocker - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\jid1-82bQxmQ0klINKg@jetpack.xpi [2015-08-27] FF Extension: Kein Name - 
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\searchSwitcher@example.com.xpi [2015-05-29] [ist nicht signiert] FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\UIEnhancer@girishsharma.xpi [2015-12-05] [ist nicht signiert] FF Extension: SeoQuake - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}.xpi [2015-12-08] FF Extension: Video DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30] FF Extension: CoolPreviews - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2014-11-09] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25] FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-11-10] [ist nicht signiert] FF HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\cliqz@cliqz.com => nicht gefunden ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert] R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [1466476 2009-09-02] (IVT Corporation) [Datei ist nicht signiert] R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [192000 2009-09-02] (IVT Corporation) [Datei ist nicht signiert] S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L) R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4608040 2015-09-22] (Binary Fortress Software) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-11-23] (Freemake) [Datei ist nicht signiert] R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. 
or its subsidiaries) R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [Datei ist nicht signiert] S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [Datei ist nicht signiert] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.) R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2015-07-27] (Panda Security, S.L.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.) R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.) 
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH) R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3722912 2015-11-07] (Check Point Software Technologies Ltd.) R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [Datei ist nicht signiert] R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1066896 2011-03-09] () R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] () S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [36360 2009-06-17] (IVT Corporation.) R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [20488 2009-06-17] (IVT Corporation.) S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47880 2009-08-28] (IVT Corporation.) R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24840 2009-08-26] (IVT Corporation.) 
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [34440 2009-08-26] () S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [30344 2009-08-26] (IVT Corporation.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] () R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.) R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.) R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.) R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.) 
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.) R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.) R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.) R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.) R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-09-18] (Audials AG) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC) R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - ) S3 Spyder2; C:\Windows\System32\DRIVERS\Spyder2.sys [15360 2007-01-17] () S3 Spyder5; C:\Windows\System32\DRIVERS\dccmtr.sys [15360 2014-12-19] (Datacolor) R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [17032 2009-08-26] (IVT Corporation.) R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [43912 2009-08-28] (IVT Corporation.) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462304 2015-11-07] (Check Point Software Technologies Ltd.) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [36360 2009-06-17] (IVT Corporation.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-14 13:46 - 2015-12-14 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2015-12-12 20:42 - 2015-12-12 20:42 - 02977141 _____ C:\Users\admin\Desktop\ifolor_Familienfotografie_81171.pdf 2015-12-12 08:32 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys 2015-12-11 20:47 - 2015-12-11 20:47 - 00000095 _____ C:\Users\admin\Desktop\Heise.txt 2015-12-11 12:38 - 2015-12-14 18:15 - 00000000 ____D C:\FRST 2015-12-10 19:38 - 2015-12-10 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skitch 2015-12-10 17:16 - 2015-12-11 08:43 - 00000220 _____ C:\Windows\SysWOW64\BroomData.bit 2015-12-10 17:16 - 2013-04-08 15:30 - 00022752 _____ C:\Windows\system32\PCloudBroom64.exe 2015-12-10 16:43 - 2015-12-14 10:42 - 00873156 _____ C:\Users\admin\AppData\Local\SnipUsages.txt 2015-12-10 16:37 - 2015-12-11 08:02 - 00864908 _____ C:\Windows\system32\PHOOKSmf2.TXT 2015-12-10 16:35 - 2015-12-11 08:43 - 00888272 _____ C:\Windows\system32\PHOOKSmf.txt 2015-12-10 16:32 - 2015-12-11 07:31 - 00000000 ____D C:\Windows\system32\DBBK 2015-12-10 15:36 - 2015-12-10 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security 2015-12-09 19:12 - 2015-12-09 19:13 - 00000115 _____ C:\Users\admin\Desktop\iRemoteWP.txt 2015-12-06 17:52 - 2015-12-06 17:52 - 00001470 _____ C:\Users\admin\Desktop\TeamViewer.lnk 2015-12-06 17:39 - 2015-12-06 17:39 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2015-12-03 14:51 - 2015-12-03 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point 2015-11-27 13:06 - 2015-11-27 13:06 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2015-11-26 13:34 - 
2015-11-26 13:34 - 02130477 _____ C:\Users\admin\Desktop\Greb, Axel - Einkommensteuer 2014 - ELSTER Einkommensteuererklärung - Meine Kopie.pdf 2015-11-26 13:33 - 2015-11-26 13:33 - 00039621 _____ C:\Users\admin\Desktop\Greb, Axel - Einkommensteuer 2014 - ELSTER Einkommensteuererklärung - An das Finanzamt.pdf 2015-11-25 21:40 - 2015-11-25 21:44 - 00626949 _____ C:\Users\admin\Desktop\BVG Kontoauszug.pdf 2015-11-25 21:40 - 2015-11-25 21:44 - 00434470 _____ C:\Users\admin\Desktop\Beitrag Krankenkasse.pdf 2015-11-25 21:39 - 2015-11-25 21:39 - 00731041 _____ C:\Users\admin\Desktop\Lohnnachweis 2014.pdf 2015-11-24 18:43 - 2015-11-24 18:59 - 00000664 _____ C:\Users\admin\Desktop\Personalausweis.txt 2015-11-23 16:22 - 2015-11-23 16:22 - 00000177 _____ C:\Users\admin\Desktop\Bewegliche Sache.txt 2015-11-18 19:18 - 2015-11-18 22:10 - 00002805 _____ C:\Users\admin\Desktop\1blu.txt 2015-11-17 15:53 - 2015-11-17 15:53 - 05694367 _____ C:\Users\admin\Desktop\updraftplus.1.11.17.zip 2015-11-17 15:19 - 2015-11-17 15:19 - 00671963 _____ C:\Users\admin\Desktop\google-sitemap-generator.4.0.8.zip 2015-11-16 02:47 - 2015-12-14 13:46 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-11-14 13:29 - 2015-11-14 13:29 - 00000000 ____D C:\Users\admin\AppData\Roaming\FreeCommander 2015-11-14 12:19 - 2015-11-14 12:20 - 21441594 _____ C:\Users\admin\Desktop\PhotoZoomPro-5.1.2-.zip ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-12-14 18:14 - 2013-05-15 14:47 - 00000000 ____D C:\Users\admin\Desktop\Sicherheit 2015-12-14 18:11 - 2013-06-08 21:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-14 17:42 - 2013-05-16 20:00 - 00000000 ____D C:\Users\admin\AppData\Local\Sidebar7 2015-12-14 17:28 - 2014-05-23 11:24 - 00000000 ____D C:\AdwCleaner 2015-12-14 17:24 - 2013-05-18 12:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-14 17:24 - 2013-05-16 20:44 - 00000000 ____D C:\Users\admin\AppData\Local\Clipboarder 2015-12-14 17:04 - 2009-07-14 05:45 - 00025568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-14 17:04 - 2009-07-14 05:45 - 00025568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-14 10:42 - 2015-09-22 16:21 - 00424600 _____ C:\Users\admin\AppData\Local\Snip.txt 2015-12-14 10:42 - 2015-09-04 11:58 - 00003608 _____ C:\Windows\System32\Tasks\WizMouse 2015-12-14 10:42 - 2015-01-11 22:00 - 00000000 ____D C:\Users\admin\AppData\Local\Skitch 2015-12-14 10:42 - 2014-08-19 10:28 - 00000000 ____D C:\Users\admin\AppData\Local\Adobe 2015-12-14 10:42 - 2013-06-08 21:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-14 10:42 - 2013-05-16 20:54 - 00000000 ____D C:\ProgramData\ClickOff 2015-12-14 10:38 - 2009-07-14 18:58 - 00699432 _____ C:\Windows\system32\perfh007.dat 2015-12-14 10:38 - 2009-07-14 18:58 - 00149572 _____ C:\Windows\system32\perfc007.dat 2015-12-14 10:38 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-14 10:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-12-14 10:35 - 2014-01-07 18:58 - 00005248 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2015-12-14 10:33 - 2009-09-07 15:42 - 00001012 _____ C:\Windows\SysWOW64\bscs.ini 2015-12-14 10:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-13 19:23 - 2013-09-21 16:38 - 
00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4C739D6D-5A6D-420C-BB0B-2B1635F218C4} 2015-12-13 19:16 - 2014-11-03 20:59 - 00000000 ____D C:\ProgramData\panda_url_filtering 2015-12-11 21:49 - 2013-05-16 16:15 - 00000000 ____D C:\Users\admin\Documents\FinePrint-Dateien 2015-12-11 20:22 - 2015-08-26 18:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-11 12:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-11 08:45 - 2009-07-14 05:45 - 00380768 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-11 07:36 - 2013-05-16 21:21 - 00000000 ____D C:\Program Files (x86)\JDownloader 2015-12-11 06:49 - 2015-01-24 04:34 - 00000000 ____D C:\Users\admin\Desktop\Down 2015-12-10 20:23 - 2013-05-17 19:07 - 00967753 _____ C:\Users\admin\AppData\Local\census.cache 2015-12-10 20:23 - 2013-05-17 19:03 - 00114273 _____ C:\Users\admin\AppData\Local\ars.cache 2015-12-10 19:51 - 2013-05-09 16:37 - 00000000 ____D C:\Users\admin\Desktop\Textprg 2015-12-10 19:43 - 2015-09-09 15:55 - 00000000 ____D C:\Users\admin\AppData\Local\Citrix 2015-12-10 16:28 - 2015-10-12 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2015-12-10 16:28 - 2013-09-23 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Text_Druck 2015-12-10 16:28 - 2013-09-23 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet 2015-12-10 15:36 - 2014-11-03 20:58 - 00000000 ____D C:\Program Files (x86)\Panda Security 2015-12-10 14:08 - 2015-10-24 13:26 - 00000000 ___RD C:\Users\admin\Creative Cloud Files 2015-12-10 14:08 - 2015-10-24 13:25 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-12-10 13:32 - 2014-08-08 15:19 - 00490142 _____ C:\Windows\ntbtlog.txt 2015-12-10 13:24 - 2013-06-10 22:13 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics 2015-12-09 11:24 - 2013-05-18 12:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-09 11:24 - 
2013-05-10 23:45 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-09 11:24 - 2013-05-10 23:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-08 18:40 - 2015-08-15 19:53 - 00000000 ____D C:\Users\admin\Documents\PhraseExpress 2015-12-07 22:17 - 2013-05-09 16:43 - 00000000 ____D C:\Users\admin\Desktop\Internet etc 2015-12-07 22:17 - 2013-05-09 16:37 - 00000000 ____D C:\Users\admin\Desktop\Tools 2015-12-07 22:13 - 2013-05-16 21:17 - 00000000 ____D C:\Users\admin\AppData\Roaming\FileZilla 2015-12-07 08:29 - 2013-05-10 11:16 - 00076072 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-12-06 23:10 - 2013-05-09 16:22 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-12-06 17:58 - 2015-05-13 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-12-06 17:58 - 2015-05-13 19:02 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2015-12-03 23:06 - 2013-06-08 21:44 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-03 23:06 - 2013-06-08 21:44 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-03 22:45 - 2015-09-22 16:21 - 00000000 ____D C:\Users\admin\Documents\My Snips 2015-12-03 14:57 - 2015-01-22 14:23 - 00430874 _____ C:\Windows\system32\Drivers\vsconfig.xml 2015-11-30 23:41 - 2013-05-11 01:37 - 00000000 ____D C:\Users\admin\Desktop\Video 2015-11-30 21:25 - 2015-08-18 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2015-11-30 21:25 - 2015-08-18 23:11 - 00000000 ____D C:\ProgramData\Freemake 2015-11-28 11:04 - 2015-10-05 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-11-28 11:04 - 2013-05-09 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-27 20:17 - 2015-08-20 12:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 
2015-11-27 13:06 - 2013-06-24 23:07 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-11-25 14:48 - 2013-10-16 18:08 - 00000000 ____D C:\ProgramData\Oracle 2015-11-25 14:46 - 2015-08-26 15:00 - 00000000 ____D C:\Program Files (x86)\Java 2015-11-25 14:46 - 2015-08-20 14:06 - 00000000 ____D C:\Program Files\Java 2015-11-25 14:46 - 2014-10-16 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-11-25 14:45 - 2015-08-20 14:07 - 00000000 ____D C:\Users\admin\.oracle_jre_usage 2015-11-25 14:44 - 2015-08-20 14:07 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-11-25 14:01 - 2013-05-09 22:44 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe 2015-11-24 11:38 - 2015-01-22 16:21 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps 2015-11-19 23:00 - 2015-02-16 21:29 - 00000000 ____D C:\Users\admin\AppData\Local\CyberGhost 2015-11-19 22:55 - 2014-01-21 16:27 - 00000000 ____D C:\Program Files\CyberGhost 5 2015-11-17 09:36 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-06 14:57 - 2015-11-06 14:57 - 0000136 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFXVwer.log 2009-09-27 14:02 - 2009-10-22 14:11 - 0103055 _____ () C:\Users\admin\AppData\Roaming\PremeSplashScreen.jpg 2009-12-08 08:39 - 2009-12-08 08:39 - 0005430 _____ () C:\Users\admin\AppData\Roaming\Untitled-32.ico 2014-03-04 09:49 - 2014-03-04 09:45 - 0001610 _____ () C:\Users\admin\AppData\Roaming\Zonealarm.lnk 2014-04-01 11:18 - 2015-03-24 13:49 - 0001078 _____ () C:\Users\admin\AppData\Local\297ee9cad53a5fc00aaa2013a9c17a85 2015-04-29 20:50 - 2015-04-29 21:19 - 0001062 _____ () C:\Users\admin\AppData\Local\43d15e80ee0ca18448ed415b876369ed 2015-05-15 10:48 - 2015-09-09 16:09 - 0001078 _____ () C:\Users\admin\AppData\Local\a8720e05422a1c5b236fce563fd6475c 2013-05-17 19:03 - 2015-12-10 20:23 - 0114273 _____ () 
C:\Users\admin\AppData\Local\ars.cache 2015-01-31 19:30 - 2015-02-12 12:30 - 0001094 _____ () C:\Users\admin\AppData\Local\b910beaedd16e666d75f0eba9db54ffc 2014-03-14 17:59 - 2015-03-24 13:48 - 0001062 _____ () C:\Users\admin\AppData\Local\c59be68b03be09f9dbe3e1c49acbe573 2013-05-17 19:07 - 2015-12-10 20:23 - 0967753 _____ () C:\Users\admin\AppData\Local\census.cache 2014-04-04 10:40 - 2014-05-27 12:34 - 0005120 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-05-17 18:55 - 2013-05-17 18:55 - 0000036 _____ () C:\Users\admin\AppData\Local\housecall.guid.cache 2015-09-22 16:21 - 2015-12-14 10:42 - 0424600 _____ () C:\Users\admin\AppData\Local\Snip.txt 2015-12-10 16:43 - 2015-12-14 10:42 - 0873156 _____ () C:\Users\admin\AppData\Local\SnipUsages.txt Einige Dateien in TEMP: ==================== C:\Users\admin\AppData\Local\Temp\-zd56qre.dll C:\Users\admin\AppData\Local\Temp\AAMHelper.exe C:\Users\admin\AppData\Local\Temp\AdobeApplicationManager.exe C:\Users\admin\AppData\Local\Temp\ExPromo.exe C:\Users\admin\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\admin\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\admin\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\admin\AppData\Local\Temp\ScreenpressoUpd.exe C:\Users\admin\AppData\Local\Temp\skitchsetup_2.3.2.176.exe C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe C:\Users\admin\AppData\Local\Temp\v5xlvg7j.dll C:\Users\admin\AppData\Local\Temp\wip4_r5n.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-12-10 12:40

==================== Ende von FRST.txt ============================

I will therefore do everything again in the order given above. New AdwCleaner:
Code:
# AdwCleaner v5.025 - Bericht erstellt am 14/12/2015 um 19:04:50
# Aktualisiert am 13/12/2015 von Xplode
# Datenbank : 2015-12-13.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : admin - ADMIN-PC
# Gestartet von : D:\Anwendungen\_INSTALLIERT\AdwCleaner\adwcleaner_5.025.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.zonealarm.com

***** [ Internetbrowser ] *****

[-] [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\prefs.js] [Preference] Gelöscht : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=DE&gu=e1e5f48cdf6946e092393bb7b6b04906&tu=10GXy00I11D33N0&sku=&tstsId=&ver=&");
[-] [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\prefs.js] [Preference] Gelöscht : user_pref("extensions.zonealarm.lastB", "hxxp://search.zonealarm.com/?src=hp&tbid=goughGA&Lan=de&gu=31e2c0a8f8eb4fb88c95e92aac500398&tu=10GXy00BA1C01g0&sku=&tstsId=&ver=&");
[-] [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\prefs.js] [Preference] Gelöscht : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=DE&gu=e1e5f48cdf6946e092393bb7b6b04906&tu=10GXy00I11D33N0&sku=&tstsId=&ver=&");
[-] [C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\prefs.js] [Preference] Gelöscht : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=e1e5f48cdf6946e092393bb7b6b04906&tu=10GXy00I11D33N0&sku=&tstsId=&ver=&&q=");
*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2222 Bytes] ##########

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-12-2015
durchgeführt von admin (Administrator) auf ADMIN-PC (14-12-2015 19:12:57)
Gestartet von D:\Anwendungen\_INSTALLIERT\Farbar Recovery Scan Tool FRST64
Geladene Profile: admin (Verfügbare Profile: admin)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Garmin Ltd.
or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe () C:\Program Files (x86)\HDD Health\HDDHealthService.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe (Check Point Software Technologies, Ltd.) 
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(Ulrich Krebs) E:\Programme\Kalender\Kalender.exe
(Lingo4you) C:\Program Files (x86)\LingoPad\LingoPad.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe
(Learnpulse) C:\Users\admin\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Users\admin\AppData\Local\Snip\Snip.exe
(Evernote) C:\Program Files (x86)\Evernote\Skitch\Skitch.exe
() C:\Program Files (x86)\WizMouse\WizMouse.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(PANTERASoft) C:\Program Files (x86)\HDD Health\hddhealth.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
() C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
() C:\Program Files (x86)\Datacolor\Spyder5Pro\Utility\SpyderUtility.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Can O' Baked Beans Creations) C:\Program Files (x86)\Alt-C\AltC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\ClickOff\Clickoff.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Elias Fotinis) C:\Program Files (x86)\DeskPins\DeskPins.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 15\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 15\fredirstarter.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Scribble Papers\ScPapers.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403688 2012-06-28] (Acronis)
HKLM\...\Run: [HP LaserJet 200 color MFP M276 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2011-10-09] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5993216 2012-06-28] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [1173712 2012-06-28] (Acronis)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470120 2011-02-24] ()
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [315478 2009-09-02] (IVT Corporation)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134792 2015-11-07] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Safe 15\SteganosHotKeyService.exe [100864 2014-02-21] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE15 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 15\fredirstarter.exe [17408 2014-02-21] (Steganos Software GmbH)
HKLM-x32\...\Run: [QuickTime Task] => E:\Programme\Quicktime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [Kalender] => E:\Programme\Kalender\Kalender.exe [933888 2010-03-19] (Ulrich Krebs)
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [LingoPad] => C:\Program Files (x86)\LingoPad\LingoPad.exe [1673216 2007-08-31] (Lingo4you)
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [SAFE15 Browser Monitor] => C:\Program Files (x86)\Steganos Safe 15\SteganosBrowserMonitor.exe [70656 2014-02-21] (Steganos Software GmbH)
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [PureText] => C:\Program Files (x86)\puretext20_x86\PureText.exe [28672 2009-01-27] (hxxp://www.SteveMiller.net)
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [Screenpresso] => C:\Users\admin\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [12337680 2015-12-03] (Learnpulse)
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [Snip] => C:\Users\admin\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation)
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [Skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4863296 2015-04-30] (Evernote)
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8538648 2015-09-22] (Binary Fortress Software)
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\MountPoints2: {38182ef5-b8c1-11e2-a6a9-806e6f6e6963} - I:\pushinst.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alt-C.lnk [2015-09-17]
ShortcutTarget: Alt-C.lnk -> C:\Program Files (x86)\Alt-C\AltC.exe (Can O' Baked Beans Creations)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-12-10] ()
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ClickOff.lnk [2015-02-20]
ShortcutTarget: ClickOff.lnk -> C:\Program Files (x86)\ClickOff\Clickoff.exe ()
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2013-05-20]
ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-04-25]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk [2013-06-16]
ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-02-19] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2013-06-14]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-01-02]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2015-09-17]
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk [2015-05-20]
ShortcutTarget: SpyderUtility.lnk -> C:\Program Files (x86)\Datacolor\Spyder5Pro\Utility\SpyderUtility.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2013-06-27]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit

==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{68C5188A-07A6-482C-A610-FC39FB4AE86B}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-3779362651-2884523692-4276699226-1000 -> DefaultScope {681687DE-6308-4828-8A78-11D16BE1902E} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3779362651-2884523692-4276699226-1000 -> {681687DE-6308-4828-8A78-11D16BE1902E} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-25] (Oracle Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-25] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-14] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-25] (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()
Toolbar: HKU\S-1-5-21-3779362651-2884523692-4276699226-1000 -> Kein Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - Keine Datei
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2015-08-05] (Belarc, Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932
FF Homepage: hxxp://www.tagesspiegel.de/ hxxps://www.psd-tutorials.de/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> E:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> E:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> E:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3779362651-2884523692-4276699226-1000: @citrixonline.com/appdetectorplugin -> C:\Users\admin\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-09-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-3779362651-2884523692-4276699226-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-23] (Apple Inc.)
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\duckduckgo.xml [2014-05-13]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\google-images.xml [2014-12-09]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\google-maps.xml [2014-12-09]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\ixquick-web-suchen.undefined.undefined [2014-04-25]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\ixquick-web-suchen.xml [2014-05-13]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\searchplugins\youtube.xml [2014-05-13]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2013-09-02]
FF Extension: Panda Security Toolbar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2014-11-03] [ist nicht signiert]
FF Extension: FlashGot - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-05-27]
FF Extension: Hide Navigation Bar - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\hidenavbar@jaybaldwin.xpi [2015-05-30]
FF Extension: ColorResults - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{20E2E952-0E3E-4b83-A1CE-5340C10F43A9}.xpi [2015-05-30]
FF Extension: Disable Anti-Adblock - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2015-05-30]
FF Extension: Textarea Cache - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}.xpi [2015-05-30]
FF Extension: Clearly - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\readable@evernote.com.xpi [2015-05-30]
FF Extension: Space Next - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df005}.xpi [2015-05-30]
FF Extension: Gutscheinaffe - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{9220f99f-5b7d-4a4d-97ca-209991796400}.xpi [2015-05-30]
FF Extension: QuickJava - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2015-05-30]
FF Extension: Bookmark Autohider - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\bookmarkhider@exi.name.xpi [2015-05-30]
FF Extension: UnPlug - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\unplug@compunach.xpi [2015-05-30]
FF Extension: Copy Plain Text 2 - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\copyplaintext@teo.pl.xpi [2015-07-29]
FF Extension: Save Text Area - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{8522e648-adce-469a-8c3a-18659a6ab6e3}.xpi [2015-08-27]
FF Extension: Secure Or Not - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\secureornot@tiptt.blogspot.com.xpi [2015-08-27]
FF Extension: Tab Mix Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-09-02]
FF Extension: ScrapBook - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2015-09-04]
FF Extension: Download Manager (S3) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\s3download@statusbar.xpi [2015-10-28]
FF Extension: WEB.DE MailCheck - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\mailcheck@web.de [2015-11-03]
FF Extension: FireShot - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2015-11-08]
FF Extension: NoScript - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-24]
FF Extension: Flash and Video Download - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-11-28]
FF Extension: RightToClick - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2015-11-30]
FF Extension: ColorfulTabs - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-12-01]
FF Extension: FEBE - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2015-12-02]
FF Extension: DownThemAll! - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-08]
FF Extension: ImTranslator - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2015-12-08]
FF Extension: WOT - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\add-to-searchbox@maltekraus.de.xpi [2015-05-29] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\client@anonymox.net.xpi [2015-09-28] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\cliqz@cliqz.com.xpi [2015-12-10] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-11-11] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\firefox@ghostery.com.xpi [2015-11-05] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\izer@camelcamelcamel.com.xpi [2015-08-27] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2015-11-21] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\jid1-82bQxmQ0klINKg@jetpack.xpi [2015-08-27] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\searchSwitcher@example.com.xpi [2015-05-29] [ist nicht signiert]
FF Extension: Kein Name - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\UIEnhancer@girishsharma.xpi [2015-12-05] [ist nicht signiert]
FF Extension: SeoQuake - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}.xpi [2015-12-08]
FF Extension: Video DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: CoolPreviews - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2014-11-09] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-25]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-11-10] [ist nicht signiert]
FF HKU\S-1-5-21-3779362651-2884523692-4276699226-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\krfi3dtd.default-1383238770932\extensions\cliqz@cliqz.com => nicht gefunden

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [1466476 2009-09-02] (IVT Corporation) [Datei ist nicht signiert]
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [192000 2009-09-02] (IVT Corporation) [Datei ist nicht signiert]
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4608040 2015-09-22] (Binary Fortress Software)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-11-23] (Freemake) [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. or its subsidiaries)
R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [Datei ist nicht signiert]
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2015-07-27] (Panda Security, S.L.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3722912 2015-11-07] (Check Point Software Technologies Ltd.)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [Datei ist nicht signiert]
R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1066896 2011-03-09] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [36360 2009-06-17] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [20488 2009-06-17] (IVT Corporation.)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47880 2009-08-28] (IVT Corporation.)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24840 2009-08-26] (IVT Corporation.)
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [34440 2009-08-26] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [30344 2009-08-26] (IVT Corporation.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [46336 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-09-18] (Audials AG)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - )
S3 Spyder2; C:\Windows\System32\DRIVERS\Spyder2.sys [15360 2007-01-17] ()
S3 Spyder5; C:\Windows\System32\DRIVERS\dccmtr.sys [15360 2014-12-19] (Datacolor)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [17032 2009-08-26] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [43912 2009-08-28] (IVT Corporation.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462304 2015-11-07] (Check Point Software Technologies Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [36360 2009-06-17] (IVT Corporation.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-14 13:46 - 2015-12-14 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-12-12 20:42 - 2015-12-12 20:42 - 02977141 _____ C:\Users\admin\Desktop\ifolor_Familienfotografie_81171.pdf
2015-12-12 08:32 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-12-11 20:47 - 2015-12-11 20:47 - 00000095 _____ C:\Users\admin\Desktop\Heise.txt
2015-12-11 12:38 - 2015-12-14 19:12 - 00000000 ____D C:\FRST
2015-12-10 19:38 - 2015-12-10 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skitch
2015-12-10 17:16 - 2015-12-11 08:43 - 00000220 _____ C:\Windows\SysWOW64\BroomData.bit
2015-12-10 17:16 - 2013-04-08 15:30 - 00022752 _____ C:\Windows\system32\PCloudBroom64.exe
2015-12-10 16:43 - 2015-12-14 19:07 - 00871740 _____ C:\Users\admin\AppData\Local\SnipUsages.txt
2015-12-10 16:37 - 2015-12-11 08:02 - 00864908 _____ C:\Windows\system32\PHOOKSmf2.TXT
2015-12-10 16:35 - 2015-12-11 08:43 - 00888272 _____ C:\Windows\system32\PHOOKSmf.txt
2015-12-10 16:32 - 2015-12-11 07:31 - 00000000 ____D C:\Windows\system32\DBBK
2015-12-10 15:36 - 2015-12-10 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2015-12-09 19:12 - 2015-12-09 19:13 - 00000115 _____ C:\Users\admin\Desktop\iRemoteWP.txt
2015-12-06 17:52 - 2015-12-06 17:52 - 00001470 _____ C:\Users\admin\Desktop\TeamViewer.lnk
2015-12-06 17:39 - 2015-12-06 17:39 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2015-12-03 14:51 - 2015-12-03 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2015-11-27 13:06 - 2015-11-27 13:06 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-26 13:34 - 2015-11-26 13:34 - 02130477 _____ C:\Users\admin\Desktop\Greb, Axel - Einkommensteuer 2014 - ELSTER Einkommensteuererklärung - Meine Kopie.pdf
2015-11-26 13:33 - 2015-11-26 13:33 - 00039621 _____ C:\Users\admin\Desktop\Greb, Axel - Einkommensteuer 2014 - ELSTER Einkommensteuererklärung - An das Finanzamt.pdf
2015-11-25 21:40 - 2015-11-25 21:44 - 00626949 _____ C:\Users\admin\Desktop\BVG Kontoauszug.pdf
2015-11-25 21:40 - 2015-11-25 21:44 - 00434470 _____ C:\Users\admin\Desktop\Beitrag Krankenkasse.pdf
2015-11-25 21:39 - 2015-11-25 21:39 - 00731041 _____ C:\Users\admin\Desktop\Lohnnachweis 2014.pdf
2015-11-24 18:43 - 2015-11-24 18:59 - 00000664 _____ C:\Users\admin\Desktop\Personalausweis.txt
2015-11-23 16:22 - 2015-11-23 16:22 - 00000177 _____ C:\Users\admin\Desktop\Bewegliche Sache.txt
2015-11-18 19:18 - 2015-11-18 22:10 - 00002805 _____ C:\Users\admin\Desktop\1blu.txt
2015-11-17 15:53 - 2015-11-17 15:53 - 05694367 _____ C:\Users\admin\Desktop\updraftplus.1.11.17.zip
2015-11-17 15:19 - 2015-11-17 15:19 - 00671963 _____ C:\Users\admin\Desktop\google-sitemap-generator.4.0.8.zip
2015-11-16 02:47 - 2015-12-14 13:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-11-14 13:29 - 2015-11-14 13:29 - 00000000 ____D C:\Users\admin\AppData\Roaming\FreeCommander
2015-11-14 12:19 - 2015-11-14 12:20 - 21441594 _____ C:\Users\admin\Desktop\PhotoZoomPro-5.1.2-.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-14 19:12 - 2015-09-22 16:21 - 00424489 _____ C:\Users\admin\AppData\Local\Snip.txt
2015-12-14 19:11 - 2013-06-08 21:44 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-14 19:11 - 2013-05-16 20:44 - 00000000 ____D C:\Users\admin\AppData\Local\Clipboarder
2015-12-14 19:11 - 2009-07-14 18:58 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-12-14 19:11 - 2009-07-14 18:58 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-12-14 19:11 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-14 19:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-14 19:07 - 2015-09-04 11:58 - 00003608 _____ C:\Windows\System32\Tasks\WizMouse
2015-12-14 19:07 - 2015-01-11 22:00 - 00000000 ____D C:\Users\admin\AppData\Local\Skitch
2015-12-14 19:07 - 2014-01-07 18:58 - 00005248 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI
2015-12-14 19:07 - 2013-06-08 21:44 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-14 19:07 - 2013-05-16 20:00 - 00000000 ____D C:\Users\admin\AppData\Local\Sidebar7
2015-12-14 19:06 - 2009-09-07 15:42 - 00001012 _____ C:\Windows\SysWOW64\bscs.ini
2015-12-14 19:06 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-14 19:04 - 2014-05-23 11:24 - 00000000 ____D C:\AdwCleaner
2015-12-14 18:24 - 2013-05-18 12:20 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-14 18:14 - 2013-05-15 14:47 - 00000000 ____D C:\Users\admin\Desktop\Sicherheit
2015-12-14 17:04 - 2009-07-14 05:45 - 00025568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-14 17:04 - 2009-07-14 05:45 - 00025568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-14 10:42 - 2014-08-19 10:28 - 00000000 ____D C:\Users\admin\AppData\Local\Adobe
2015-12-14 10:42 - 2013-05-16 20:54 - 00000000 ____D C:\ProgramData\ClickOff
2015-12-13 19:23 - 2013-09-21 16:38 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4C739D6D-5A6D-420C-BB0B-2B1635F218C4}
2015-12-13 19:16 - 2014-11-03 20:59 - 00000000 ____D C:\ProgramData\panda_url_filtering
2015-12-11 21:49 - 2013-05-16 16:15 - 00000000 ____D C:\Users\admin\Documents\FinePrint-Dateien
2015-12-11 20:22 - 2015-08-26 18:08 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-11 12:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-11 08:45 - 2009-07-14 05:45 - 00380768 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-11 07:36 - 2013-05-16 21:21 - 00000000 ____D C:\Program Files (x86)\JDownloader
2015-12-11 06:49 - 2015-01-24 04:34 - 00000000 ____D C:\Users\admin\Desktop\Down
2015-12-10 20:23 - 2013-05-17 19:07 - 00967753 _____ C:\Users\admin\AppData\Local\census.cache
2015-12-10 20:23 - 2013-05-17 19:03 - 00114273 _____ C:\Users\admin\AppData\Local\ars.cache
2015-12-10 19:51 - 2013-05-09 16:37 - 00000000 ____D C:\Users\admin\Desktop\Textprg
2015-12-10 19:43 - 2015-09-09 15:55 - 00000000 ____D C:\Users\admin\AppData\Local\Citrix
2015-12-10 16:28 - 2015-10-12 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-12-10 16:28 - 2013-09-23 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Text_Druck
2015-12-10 16:28 - 2013-09-23 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet
2015-12-10 15:36 - 2014-11-03 20:58 - 00000000 ____D C:\Program Files (x86)\Panda Security
2015-12-10 14:08 - 2015-10-24 13:26 - 00000000 ___RD C:\Users\admin\Creative Cloud Files
2015-12-10 14:08 - 2015-10-24 13:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-10 13:32 - 2014-08-08 15:19 - 00490142 _____ C:\Windows\ntbtlog.txt
2015-12-10 13:24 - 2013-06-10 22:13 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2015-12-09 11:24 - 2013-05-18 12:20 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 11:24 - 2013-05-10 23:45 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 11:24 - 2013-05-10 23:45 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 18:40 - 2015-08-15 19:53 - 00000000 ____D C:\Users\admin\Documents\PhraseExpress
2015-12-07 22:17 - 2013-05-09 16:43 - 00000000 ____D C:\Users\admin\Desktop\Internet etc
2015-12-07 22:17 - 2013-05-09 16:37 - 00000000 ____D C:\Users\admin\Desktop\Tools
2015-12-07 22:13 - 2013-05-16 21:17 - 00000000 ____D C:\Users\admin\AppData\Roaming\FileZilla
2015-12-07 08:29 - 2013-05-10 11:16 - 00076072 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-06 23:10 - 2013-05-09 16:22 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-06 17:58 - 2015-05-13 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-12-06 17:58 - 2015-05-13 19:02 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-12-03 23:06 - 2013-06-08 21:44 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-03 23:06 - 2013-06-08 21:44 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 22:45 - 2015-09-22 16:21 - 00000000 ____D C:\Users\admin\Documents\My Snips
2015-12-03 14:57 - 2015-01-22 14:23 - 00430874 _____ C:\Windows\system32\Drivers\vsconfig.xml
2015-11-30 23:41 - 2013-05-11 01:37 - 00000000 ____D C:\Users\admin\Desktop\Video
2015-11-30 21:25 - 2015-08-18 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-11-30 21:25 - 2015-08-18 23:11 - 00000000 ____D C:\ProgramData\Freemake
2015-11-28 11:04 - 2015-10-05 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-11-28 11:04 - 2013-05-09 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-27 20:17 - 2015-08-20 12:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-27 13:06 - 2013-06-24 23:07 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-25 14:48 - 2013-10-16 18:08 - 00000000 ____D C:\ProgramData\Oracle
2015-11-25 14:46 - 2015-08-26 15:00 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-25 14:46 - 2015-08-20 14:06 - 00000000 ____D C:\Program Files\Java
2015-11-25 14:46 - 2014-10-16 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-25 14:45 - 2015-08-20 14:07 - 00000000 ____D C:\Users\admin\.oracle_jre_usage
2015-11-25 14:44 - 2015-08-20 14:07 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-11-25 14:01 - 2013-05-09 22:44 - 00000000 ____D C:\Users\admin\AppData\Roaming\Adobe
2015-11-24 11:38 - 2015-01-22 16:21 - 00000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2015-11-19 23:00 - 2015-02-16 21:29 - 00000000 ____D C:\Users\admin\AppData\Local\CyberGhost
2015-11-19 22:55 - 2014-01-21 16:27 - 00000000 ____D C:\Program Files\CyberGhost 5
2015-11-17 09:36 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-06 14:57 - 2015-11-06 14:57 - 0000136 _____ () C:\Program Files\Common Files\TrackerSoftwareInstallerPDFXVwer.log
2009-09-27 14:02 - 2009-10-22 14:11 - 0103055 _____ () C:\Users\admin\AppData\Roaming\PremeSplashScreen.jpg
2009-12-08 08:39 - 2009-12-08 08:39 - 0005430 _____ () C:\Users\admin\AppData\Roaming\Untitled-32.ico
2014-03-04 09:49 - 2014-03-04 09:45 - 0001610 _____ () C:\Users\admin\AppData\Roaming\Zonealarm.lnk
2014-04-01 11:18 - 2015-03-24 13:49 - 0001078 _____ () C:\Users\admin\AppData\Local\297ee9cad53a5fc00aaa2013a9c17a85
2015-04-29 20:50 - 2015-04-29 21:19 - 0001062 _____ () C:\Users\admin\AppData\Local\43d15e80ee0ca18448ed415b876369ed
2015-05-15 10:48 - 2015-09-09 16:09 - 0001078 _____ () C:\Users\admin\AppData\Local\a8720e05422a1c5b236fce563fd6475c
2013-05-17 19:03 - 2015-12-10 20:23 - 0114273 _____ () C:\Users\admin\AppData\Local\ars.cache
2015-01-31 19:30 - 2015-02-12 12:30 - 0001094 _____ () C:\Users\admin\AppData\Local\b910beaedd16e666d75f0eba9db54ffc
2014-03-14 17:59 - 2015-03-24 13:48 - 0001062 _____ () C:\Users\admin\AppData\Local\c59be68b03be09f9dbe3e1c49acbe573
2013-05-17 19:07 - 2015-12-10 20:23 - 0967753 _____ () C:\Users\admin\AppData\Local\census.cache
2014-04-04 10:40 - 2014-05-27 12:34 - 0005120 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-17 18:55 - 2013-05-17 18:55 - 0000036 _____ () C:\Users\admin\AppData\Local\housecall.guid.cache
2015-09-22 16:21 - 2015-12-14 19:12 - 0424489 _____ () C:\Users\admin\AppData\Local\Snip.txt
2015-12-10 16:43 - 2015-12-14 19:07 - 0871740 _____ () C:\Users\admin\AppData\Local\SnipUsages.txt

Einige Dateien in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\-zd56qre.dll
C:\Users\admin\AppData\Local\Temp\AAMHelper.exe
C:\Users\admin\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\admin\AppData\Local\Temp\ExPromo.exe
C:\Users\admin\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\admin\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\admin\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\admin\AppData\Local\Temp\ScreenpressoUpd.exe
C:\Users\admin\AppData\Local\Temp\skitchsetup_2.3.2.176.exe
C:\Users\admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\admin\AppData\Local\Temp\sqlite3.dll
C:\Users\admin\AppData\Local\Temp\v5xlvg7j.dll
C:\Users\admin\AppData\Local\Temp\wip4_r5n.dll

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-12-10 12:40

==================== Ende von FRST.txt ============================ |