| |
| |||||||
Log-Analyse und Auswertung: Word-Anhang Büromarkt Boettcher in Vorschau geöffnet, ESET meldet JS/Astromenda.A u.a.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
04.02.2016, 15:54
| #1 |
 |  Word-Anhang Büromarkt Boettcher in Vorschau geöffnet, ESET meldet JS/Astromenda.A u.a. Hallo, jetzt hat es mich wohl auch erwischt: vorgestern bekam ich eine Email mit Word-Anhang mit einer angeblichen Rechnung von Büromarkt Böttcher. Ich habe sie nach Rechtsklickscan, der kein Ergebnis brachte in der Email-Vorschau von Outlook geöffnet. Die Email habe ich mittlerweile auf iPhone und Computer gelöscht, die Datei habe ich noch auf dem Desktop. Ein Scan mit virustotal brachte auch kein Ergebnis. Scan des Computers mit ESET brachte leider einige Ergebnisse: JS/Astromenda.A und andere, Scan läuft gerade noch. Malwarebytes: kein Ergebnis Ich hoffe, das krieg ich wieder hin ... Danke im Voraus Stephanie Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016 durchgeführt von Stephanie (Administrator) auf STEPHANIE-PC (04-02-2016 15:03:39) Gestartet von C:\Users\Stephanie\Downloads Geladene Profile: Stephanie (Verfügbare Profile: Stephanie & Gast) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (AMD) C:\Windows\System32\atieclxx.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Box, Inc.) C:\Program Files (x86)\Box\Box for Office\UpgradeService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe () C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe (Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Spotify Ltd) C:\Users\Stephanie\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Flux Software LLC) C:\Users\Stephanie\AppData\Local\FluxSoftware\Flux\flux.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Fieldston Software) C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE (Synology Inc.) C:\Users\Stephanie\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE (Synology Inc.) C:\Users\Stephanie\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe (Synology Inc.) C:\Users\Stephanie\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [741760 2011-06-29] (Apple Inc.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4031152 2013-11-26] (Stardock Corporation) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [6010024 2016-01-11] (Box, Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2015-12-17] (Adobe Systems Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-09-23] (Cisco Systems, Inc.) HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1592104 2015-08-12] (Sophos Limited) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\Run: [Spotify Web Helper] => C:\Users\Stephanie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030912 2015-10-29] (Spotify Ltd) HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\Run: [f.lux] => C:\Users\Stephanie\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\Run: [MsgCenterExe] => "c:\program files (x86)\real\realplayer\update\RealOneMessageCenter.exe" -osboot HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\Run: [Dropbox Update] => C:\Users\Stephanie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-14] (Dropbox, Inc.) HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\Run: [gSyncit] => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [228352 2015-12-18] (Fieldston Software) HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512_2\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512_2\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.4713.0209\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\RunOnce: [Uninstall C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stephanie\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\MountPoints2: H - H:\LaunchU3.exe -a HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\MountPoints2: {14d99ca1-e99a-11e0-97eb-806e6f6e6963} - F:\SETUP.EXE HKU\S-1-5-21-1165394420-3520031323-336608003-1000\...\MountPoints2: {a64a5b49-255a-11e1-8a52-040cce23d297} - H:\LaunchU3.exe -a HKU\S-1-5-18\...\Run: [Copy] => C:\Users\Stephanie\AppData\Roaming\Copy\CopyAgent.exe [15410832 2015-04-14] (Barracuda Networks, Inc.) AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217672 2015-01-14] (Sophos Limited) AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2015-01-14] (Sophos Limited) Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [ BoxSyncFileLocked] -> {2a607da5-abe8-358e-a881-c0f5faf2d3a5} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ BoxSyncFileLockedByOther] -> {f7d2951f-0b6b-346c-99ec-69cffc30a364} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ BoxSyncNotSynced] -> {5ea95e3d-3e46-3812-b03c-49785fa67d41} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ BoxSyncProblem] -> {a88b7184-bfa1-3d14-8efb-2225df9699bc} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ BoxSyncSynced] -> {c89f9943-8f58-3eca-bd55-a658f53b2f48} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Stephanie\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Stephanie\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Stephanie\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Stephanie\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Stephanie\AppData\Local\CloudStation\CloudStation.app\icon-overlay\14\x64\iconOverlay.dll [2015-11-17] (TODO: <Company name>) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [1aCopyShExtError] -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\Users\Stephanie\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-20] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [2aCopyShExtSynced] -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\Users\Stephanie\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-20] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [3aCopyShExtSyncing] -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\Users\Stephanie\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-20] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [4aCopyShExtSyncingProg1] -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\Users\Stephanie\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-20] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [5aCopyShExtSyncingProg2] -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\Users\Stephanie\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-20] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [6aCopyShExtSyncingProg3] -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\Users\Stephanie\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-20] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [7aCopyShExtSyncingProg4] -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\Users\Stephanie\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-20] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [8aCopyShExtSyncingProg5] -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\Users\Stephanie\AppData\Roaming\Copy\overlay\CopyShExt.dll [2015-01-20] (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Stephanie\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-10-06] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Marketsplash Drucksoftware.lnk [2015-03-29] ShortcutTarget: Marketsplash Drucksoftware.lnk -> C:\Program Files (x86)\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe (Hewlett-Packard Company) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-11-17] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-02-04] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2016-02-04] ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.) BootExecute: autocheck autochk /p \??\I:autocheck autochk * GroupPolicyScripts: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760 2015-05-13] (Sophos Limited) Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760 2015-05-13] (Sophos Limited) Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760 2015-05-13] (Sophos Limited) Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760 2015-05-13] (Sophos Limited) Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760 2015-05-13] (Sophos Limited) Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760 2015-05-13] (Sophos Limited) Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760 2015-05-13] (Sophos Limited) Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760 2015-05-13] (Sophos Limited) Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760 2015-05-13] (Sophos Limited) Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864 2015-05-13] (Sophos Limited) Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864 2015-05-13] (Sophos Limited) Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864 2015-05-13] (Sophos Limited) Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864 2015-05-13] (Sophos Limited) Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864 2015-05-13] (Sophos Limited) Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864 2015-05-13] (Sophos Limited) Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864 2015-05-13] (Sophos Limited) Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864 2015-05-13] (Sophos Limited) Winsock: Catalog9-x64 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864 2015-05-13] (Sophos Limited) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{3F2B7EB5-8E99-430E-8694-0DB3092C75E6}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{E1E502E5-BEBB-4C72-B240-AAAF659DFE1B}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{EBF970A9-7A14-4FCD-86D9-7378779F0C77}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1165394420-3520031323-336608003-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKU\S-1-5-21-1165394420-3520031323-336608003-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-1165394420-3520031323-336608003-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1165394420-3520031323-336608003-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-10-04] (Siber Systems Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Password Depot 7 -> {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} -> C:\Program Files (x86)\AceBIT\Password Depot 7\pdIEAddOn64.dll [2014-06-27] (AceBIT) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-18] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-02] (RealPlayer) BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\Stephanie\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2014-12-15] (Dashlane) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation) BHO-x32: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> Keine Datei BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-10-04] (Siber Systems Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-22] (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-14] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Password Depot 7 -> {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} -> C:\Program Files (x86)\AceBIT\Password Depot 7\pdIEAddOn32.dll [2014-06-27] (AceBIT) BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files (x86)\Samsung AnyWeb Print\W2PBrowser.dll [2011-04-22] () BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation) BHO-x32: 1Password -> {CB1A24DA-7416-4921-A0CF-5AA1160AAE2A} -> C:\Program Files (x86)\1Password\Agile1pIE.dll [2013-08-07] (AgileBits) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-22] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-10-04] (Siber Systems Inc.) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2013-10-04] (Siber Systems Inc.) Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Stephanie\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2014-12-15] (Dashlane) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-06-29] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1165394420-3520031323-336608003-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-12-17] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1165394420-3520031323-336608003-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2013-10-04] (Siber Systems Inc.) Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll Keine Datei Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\g24g73re.default-1428761828540 FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-02] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-02] (RealNetworks, Inc.) FF Plugin-x32: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll [2013-03-11] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-12-17] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems) FF Plugin HKU\S-1-5-21-1165394420-3520031323-336608003-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Stephanie\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-17] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-11-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-11-13] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchAxPlugin.dll [2010-04-08] () FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-22] (Octoshape ApS) FF Extension: Clip to OneNote (Legacy Edition) - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\g24g73re.default-1428761828540\Extensions\jid0-e0l1gzjOmbUL1N6n3j8dBSBMcGE@jetpack.xpi [2015-05-31] FF Extension: FireShot - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\g24g73re.default-1428761828540\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-01-07] FF Extension: Adblock Plus - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\g24g73re.default-1428761828540\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-07] [ist nicht signiert] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-01-07] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [passworddepot@acebit.com] - C:\Program Files (x86)\AceBIT\Password Depot 7\Firefox FF Extension: Password Depot Extension - C:\Program Files (x86)\AceBIT\Password Depot 7\Firefox [2015-07-13] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2015-04-28] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-06-22] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-12-26] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-07-20] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-01-18] Chrome: ======= CHR StartupUrls: Default -> "","chrome://newtab/?source=home" CHR NewTab: Default -> "chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html" CHR Plugin: (Native Client) - C:\Users\Stephanie\AppData\Local\Google\Chrome\Application\46.0.2490.86\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Users\Stephanie\AppData\Local\Google\Chrome\Application\46.0.2490.86\pdf.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Users\Stephanie\AppData\Local\Google\Chrome\Application\46.0.2490.86\gcswf32.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll => Keine Datei CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => Keine Datei CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll => Keine Datei CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll => Keine Datei CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll => Keine Datei CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll => Keine Datei CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll => Keine Datei CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll => Keine Datei CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll => Keine Datei CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.) CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll => Keine Datei CHR Plugin: (ScorchPlugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPSibelius.dll => Keine Datei CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL => Keine Datei CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL => Keine Datei CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei CHR Profile: C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-30] CHR Extension: (YouTube) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-30] CHR Extension: (Adblock Plus) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-30] CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2015-01-02] CHR Extension: (Google-Suche) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-30] CHR Extension: (Post To Tumblr) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpicbbcpanckagpdjflgojlknomoiah [2015-11-30] CHR Extension: (Syncpad for Simplenote) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\djiafihgcdhojlgmgfolclfgmllnhhbj [2012-05-20] CHR Extension: (Adobe Acrobat) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-30] CHR Extension: (Google Kalender) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-11-30] CHR Extension: (Springpad) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla [2012-04-16] CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-10-21] CHR Extension: (Google Docs Offline) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-30] CHR Extension: (Google Kalender (von Google)) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2015-11-30] CHR Extension: (TomaTimer) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbdhbgmmfhepghcdhepkbhabkaffihk [2014-02-19] CHR Extension: (MusicDock) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokmdnpfhbbjkaaofecofamghdjadhpa [2012-04-09] CHR Extension: (Speed Dial 2) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2015-11-30] CHR Extension: (TrackingTime Online Zeiterfassung) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\knailkjkjcfegledhjhcfacdngnicimb [2015-11-30] CHR Extension: (SPIEGEL ONLINE Extension) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcmhmkhlpcieakngfbhgjkdpgibbmboc [2012-04-09] CHR Extension: (Karim Rashid) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjcbfljkplgifccngillicohclloidg [2014-02-21] CHR Extension: (Password Depot Add-On) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcgmdbhgeplifgopfnmafmhfmoekiekn [2015-08-05] CHR Extension: (Save to Pocket) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-11-30] CHR Extension: (Springpad Extension) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\njhgeimnepehieioinbhmfpphfoocmng [2012-04-16] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-14] CHR Extension: (Any.do) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2015-08-14] CHR Extension: (Citavi Picker) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2015-11-30] CHR Extension: (Google Calendar Checker) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek [2015-02-24] CHR Extension: (Cacoo - Diagramming & Real-Time Collaboration) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcflmbddgcmomcfngehfhlajjapabojh [2015-05-21] CHR Extension: (Google Mail) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-21] CHR Extension: (RoboForm) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome [2014-06-22] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-12-17] CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <kein Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-24] CHR HKLM-x32\...\Chrome\Extension: [mcgmdbhgeplifgopfnmafmhfmoekiekn] - C:\Program Files (x86)\AceBIT\Password Depot 7\crx.crx [2013-08-27] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 Agile1Password; C:\Program Files (x86)\1Password\Agile1pService.exe [768784 2013-08-07] (AgileBits) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) S4 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [224640 2011-06-29] () R2 Box for Office Upgrade Service; C:\Program Files (x86)\Box\Box for Office\UpgradeService.exe [26368 2015-10-15] (Box, Inc.) S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [32144 2015-12-01] (Box, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2772720 2016-01-17] (Microsoft Corporation) R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287712 2015-10-06] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.) R2 MSSQL$MYMOVIES; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 MSSQL$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [60416 2009-06-22] (Hewlett-Packard) [Datei ist nicht signiert] R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-06-06] (Sophos Limited) R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2014-11-06] (Sophos Limited) S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia) S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia) R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [340264 2015-08-12] (Sophos Limited) R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341800 2014-11-06] (Sophos Limited) S4 SQLAgent$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation) R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3274536 2015-01-14] (Sophos Limited) S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2015-01-14] (Sophos Limited) R2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [384072 2013-10-09] () R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGoRetro\DriverInstall.exe [103576 2015-11-04] (Wondershare) S2 HPHNDUSVC; C:\Users\STEPHA~1\AppData\Local\Temp\7zS19CF\HPHNDUSVC.dll [X] S2 HPSLPSVC; C:\Users\STEPHA~1\AppData\Local\Temp\7zS1050\hpslpsvc64.dll [X] S4 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 applebmt; C:\Windows\System32\DRIVERS\applebmt.sys [52736 2011-06-03] (Apple Inc.) S3 AppleODD; C:\Windows\System32\DRIVERS\AppleODD.sys [8704 2011-03-25] (Apple Inc.) R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.) R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] () S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-04] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [1077840 2010-11-19] (DiBcom SA) S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24272 2010-11-19] (DiBcom S.A.) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia) R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-06-06] (Sophos Limited) S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-06-06] (Sophos Limited) S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-06-06] (Sophos Limited) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-04-10] (Duplex Secure Ltd.) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-04 15:03 - 2016-02-04 15:04 - 00055920 _____ C:\Users\Stephanie\Downloads\FRST.txt 2016-02-04 15:01 - 2016-02-04 15:03 - 00000000 ____D C:\FRST 2016-02-04 14:52 - 2016-02-04 14:52 - 02370560 _____ (Farbar) C:\Users\Stephanie\Downloads\FRST64.exe 2016-02-04 14:23 - 2016-02-04 14:23 - 00000000 ___HD C:\OneDriveTemp 2016-02-04 14:15 - 2016-02-04 14:15 - 00002302 _____ C:\Users\Stephanie\Desktop\TROJANER.txt 2016-02-04 13:59 - 2016-02-04 14:15 - 00000000 ____D C:\Users\Stephanie\Desktop\TROJANERBOARD 2016-02-04 10:15 - 2016-02-04 10:15 - 00000000 ____D C:\Program Files (x86)\ESET 2016-02-04 10:11 - 2016-02-04 10:11 - 02870984 _____ (ESET) C:\Users\Stephanie\Downloads\esetsmartinstaller_deu.exe 2016-02-04 08:26 - 2016-02-04 08:26 - 22908888 _____ (Malwarebytes ) C:\Users\Stephanie\Downloads\mbam-setup-2.2.0.1024(1).exe 2016-02-04 08:06 - 2016-02-04 14:24 - 00003356 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1165394420-3520031323-336608003-1000 2016-02-02 11:37 - 2016-02-02 11:37 - 00231592 _____ C:\Users\Stephanie\0014.pdf 2016-02-02 07:54 - 2016-02-04 14:24 - 00003230 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1165394420-3520031323-336608003-1000 2016-01-31 11:40 - 2016-01-31 11:40 - 00339224 _____ C:\Users\Stephanie\0013.pdf 2016-01-29 10:11 - 2016-01-29 10:11 - 00000000 ____D C:\Users\Stephanie\AppData\Local\Microsoft_Corporation 2016-01-29 10:03 - 2016-01-29 10:11 - 00000000 ____D C:\Users\Stephanie\AppData\Local\yasoon 2016-01-29 10:00 - 2016-01-29 10:00 - 00000000 ____D C:\Users\Stephanie\AppData\Roaming\yasoon GmbH 2016-01-29 09:59 - 2016-01-29 09:59 - 35984032 _____ (yasoon GmbH) C:\Users\Stephanie\Downloads\wunderlist_for_outlook.exe 2016-01-28 20:44 - 2016-01-28 20:44 - 04123704 _____ (ClearContext Corporation) C:\Users\Stephanie\Downloads\ccims-myn(1).exe 2016-01-28 20:43 - 2016-01-28 20:44 - 04123704 _____ (ClearContext Corporation) C:\Users\Stephanie\Downloads\ccims-myn.exe 2016-01-28 15:06 - 2016-01-28 15:06 - 00015978 _____ C:\Users\Stephanie\Downloads\toodledo_completed.csv 2016-01-28 14:58 - 2016-01-28 14:58 - 00083718 _____ C:\Users\Stephanie\Downloads\toodledo_current.csv 2016-01-28 10:05 - 2016-01-28 10:05 - 00011439 _____ C:\Users\Stephanie\AppData\Roaming\Durch Trennzeichen getrennte Werte.TSK 2016-01-23 21:52 - 2016-01-23 21:52 - 00552409 _____ C:\Users\Stephanie\0012.pdf 2016-01-23 18:32 - 2016-01-23 18:32 - 00171597 _____ C:\Users\Stephanie\0011.pdf 2016-01-23 18:26 - 2016-01-23 18:26 - 00346300 _____ C:\Users\Stephanie\0010.pdf 2016-01-23 18:15 - 2016-01-23 18:15 - 00154642 _____ C:\Users\Stephanie\0009.pdf 2016-01-23 18:04 - 2016-01-23 18:04 - 00215794 _____ C:\Users\Stephanie\0008.pdf 2016-01-23 17:57 - 2016-01-23 17:57 - 00215794 _____ C:\Users\Stephanie\0007.pdf 2016-01-23 17:55 - 2016-01-23 17:55 - 00248524 _____ C:\Users\Stephanie\0006.pdf 2016-01-23 17:31 - 2016-01-23 17:31 - 00867745 _____ C:\Users\Stephanie\0005.pdf 2016-01-22 11:38 - 2016-01-22 11:38 - 00000000 ____D C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-01-20 23:21 - 2016-01-20 23:21 - 00010835 _____ C:\Users\Stephanie\Downloads\Ihre Retourenmarke.pdf 2016-01-17 11:16 - 2016-01-17 11:16 - 00551291 _____ C:\Users\Stephanie\0004.pdf 2016-01-17 11:07 - 2016-01-17 11:08 - 07534080 _____ C:\Users\Stephanie\Downloads\gSyncit_4_1_65.msi 2016-01-17 09:56 - 2016-01-17 09:56 - 03205312 _____ (Microsoft Corporation) C:\Users\Stephanie\Downloads\Setup.X86.de-DE_O365HomePremRetail_caeec875-3843-48d7-83a2-3adae5cd1054_TX_DB_.exe 2016-01-15 15:53 - 2016-01-15 15:53 - 00105770 _____ C:\Users\Stephanie\0003.pdf 2016-01-15 15:53 - 2016-01-15 15:53 - 00105770 _____ C:\Users\Stephanie\0002.pdf 2016-01-15 15:53 - 2016-01-15 15:53 - 00105770 _____ C:\Users\Stephanie\0001.pdf 2016-01-14 19:22 - 2016-01-14 19:22 - 00196218 _____ C:\Users\Stephanie\Documents\Scan0006.pdf 2016-01-14 19:21 - 2016-01-14 19:21 - 00196218 _____ C:\Users\Stephanie\Documents\Scan0005.pdf 2016-01-14 09:30 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-01-14 09:30 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2016-01-14 09:30 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-01-14 09:30 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-01-14 09:30 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-01-14 09:30 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-01-14 09:30 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-01-14 09:30 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll 2016-01-14 09:30 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-01-14 09:30 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-01-14 09:30 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-01-14 09:30 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-01-14 09:30 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-01-14 09:30 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2016-01-14 09:30 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-01-14 09:30 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-01-14 09:30 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-01-14 09:30 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-01-14 09:30 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-01-14 09:30 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-01-14 09:30 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-01-14 09:30 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-01-14 09:30 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-01-14 09:30 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2016-01-14 09:30 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2016-01-14 09:30 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll 2016-01-14 09:30 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-14 09:30 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-14 09:30 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2016-01-14 09:30 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll 2016-01-14 09:30 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-14 09:30 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2016-01-14 09:30 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2016-01-14 09:30 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-01-14 09:30 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-01-14 09:30 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2016-01-14 09:30 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-01-14 09:30 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-01-14 09:30 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-01-14 09:30 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-01-14 09:30 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll 2016-01-14 09:30 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll 2016-01-14 09:30 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe 2016-01-14 09:29 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-01-14 09:29 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-01-14 09:29 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-01-14 09:29 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-01-14 09:29 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-01-14 09:29 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-01-14 09:29 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-01-14 09:29 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-14 09:29 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-01-14 09:29 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-01-14 09:29 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-01-14 09:29 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-01-14 09:29 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-01-14 09:29 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-01-14 09:29 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-01-14 09:29 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-01-14 09:29 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-01-14 09:29 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-01-14 09:29 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-01-14 09:29 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-01-14 09:29 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-01-14 09:29 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-01-14 09:29 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-01-14 09:29 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-01-14 09:29 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-01-14 09:29 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-01-14 09:29 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-01-14 09:29 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-01-14 09:29 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-01-14 09:29 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-01-14 09:29 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-01-14 09:29 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-01-14 09:29 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-01-14 09:29 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-01-14 09:29 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-01-14 09:29 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-01-14 09:29 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-01-14 09:29 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-01-14 09:29 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-01-14 09:29 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-01-14 09:29 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-01-14 09:29 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-01-14 09:29 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-01-14 09:29 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-01-14 09:29 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-01-14 09:29 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-01-14 09:29 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-01-14 09:29 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-01-14 09:29 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-01-14 09:29 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-01-14 09:29 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-01-14 09:29 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-01-14 09:29 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-01-14 09:29 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-01-14 09:29 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-01-14 09:29 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-01-14 09:29 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-01-14 09:29 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-01-14 09:29 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-01-14 09:29 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-01-14 09:29 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-01-14 09:29 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-01-14 09:29 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-01-14 09:29 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-01-14 09:27 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-01-14 09:27 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-01-14 09:27 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-01-14 09:27 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-01-14 09:27 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-01-14 09:27 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-01-14 09:27 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-01-14 09:27 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-01-14 09:27 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-01-14 09:27 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-01-14 09:27 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-01-14 09:27 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-01-14 09:27 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-01-14 09:27 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-01-14 09:27 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-01-14 09:27 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-01-14 09:27 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-01-14 09:27 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-01-14 09:27 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-01-14 09:27 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-01-14 09:27 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-01-14 09:27 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-01-14 09:27 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-01-14 09:27 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-01-14 09:27 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-01-14 09:27 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-01-14 09:27 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-01-14 09:27 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-01-14 09:27 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-01-14 09:27 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-01-14 09:27 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-01-14 09:27 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-01-14 09:27 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-01-14 09:27 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-01-14 09:27 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-01-14 09:27 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-01-14 09:27 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-01-14 09:27 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-01-14 09:27 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-01-14 09:27 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-01-14 09:27 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-01-14 09:27 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-01-14 09:27 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-01-14 09:27 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-01-14 09:27 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-01-14 09:27 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-01-14 09:27 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-01-14 09:27 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-01-14 09:27 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-01-14 09:27 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-01-14 09:27 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-01-14 09:27 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-01-14 09:27 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-01-14 09:27 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-01-14 09:27 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-01-14 09:27 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-01-14 09:27 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-01-14 09:27 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-01-14 09:27 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-01-14 09:27 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-01-14 09:27 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-01-14 09:27 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-01-14 09:27 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-01-14 09:27 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-01-14 09:27 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-01-14 09:27 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-14 09:27 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-01-14 09:27 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-01-14 09:27 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-01-14 09:27 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-01-14 09:27 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-01-14 09:27 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-01-14 09:27 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-01-10 15:33 - 2016-01-11 00:01 - 00000000 ____D C:\Users\Stephanie\AppData\Roaming\Outlook Google Calendar Sync 2016-01-10 15:28 - 2016-01-10 15:28 - 00005719 _____ C:\Users\Stephanie\Downloads\OutlookGoogleCalendarSync.application 2016-01-09 12:46 - 2016-01-09 12:46 - 00002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk 2016-01-09 11:39 - 2016-01-09 11:43 - 142614416 _____ (Sophos Limited) C:\Users\Stephanie\Downloads\Sophos Virus Removal Tool.exe 2016-01-08 18:47 - 2016-01-08 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-01-07 12:52 - 2016-01-09 09:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-04 14:53 - 2009-07-14 05:45 - 00024384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-04 14:53 - 2009-07-14 05:45 - 00024384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-04 14:50 - 2015-03-01 09:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-02-04 14:47 - 2013-09-12 22:26 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-02-04 14:43 - 2014-02-11 14:14 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-04 14:40 - 2014-11-09 15:24 - 00000000 ____D C:\Users\Stephanie\AppData\Roaming\Copy 2016-02-04 14:25 - 2015-07-10 08:59 - 00000000 ____D C:\Users\Stephanie\AppData\Local\Box Sync 2016-02-04 14:25 - 2015-06-14 22:14 - 00001240 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1165394420-3520031323-336608003-1000UA.job 2016-02-04 14:23 - 2015-10-29 10:36 - 00000000 ___RD C:\Users\Stephanie\OneDrive 2016-02-04 14:23 - 2014-02-11 14:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-04 14:21 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-04 14:11 - 2015-08-12 10:47 - 00000000 ___RD C:\Users\Stephanie\CloudStation 2016-02-04 14:00 - 2011-08-26 09:23 - 00000000 ____D C:\Users\Stephanie\Documents\WISO Mein Geld 2016-02-04 13:25 - 2011-08-28 12:11 - 00001167 _____ C:\Windows\wiso.ini 2016-02-04 13:03 - 2014-10-06 18:55 - 00000000 ____D C:\Users\Stephanie\AppData\Local\CrashDumps 2016-02-04 12:21 - 2011-08-29 11:56 - 00000000 ____D C:\Users\Stephanie\AppData\Local\Deployment 2016-02-04 08:38 - 2014-02-11 14:14 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-04 08:38 - 2014-02-11 14:14 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-04 08:30 - 2015-11-17 09:04 - 00001110 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-02-04 08:30 - 2015-03-01 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-02-04 08:30 - 2015-03-01 09:36 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-02-02 11:37 - 2011-08-24 22:45 - 00000000 ____D C:\Users\Stephanie 2016-02-02 11:29 - 2013-06-12 07:16 - 00000000 ____D C:\Users\Stephanie\Desktop\Temporär 2016-02-02 07:57 - 2015-06-14 22:14 - 00001188 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1165394420-3520031323-336608003-1000Core.job 2016-02-02 07:51 - 2011-09-09 16:15 - 00000578 _____ C:\Windows\Tasks\Neuer Scan (1).job 2016-01-31 12:02 - 2011-08-27 23:07 - 00000000 ____D C:\Users\Stephanie\Documents\Telekommunikation 2016-01-31 11:35 - 2015-08-04 10:56 - 00000000 ____D C:\ProgramData\firebird 2016-01-31 00:01 - 2012-11-11 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-01-30 11:08 - 2011-08-25 23:50 - 00000000 ____D C:\Users\Stephanie\Documents\Outlook-Dateien 2016-01-29 09:53 - 2015-08-12 10:31 - 00000000 ____D C:\Users\Stephanie\AppData\Local\CloudStation 2016-01-28 20:18 - 2015-07-09 22:11 - 00333312 ___SH C:\Users\Stephanie\Downloads\Thumbs.db 2016-01-27 19:04 - 2009-07-14 11:57 - 00815860 _____ C:\Windows\system32\perfh007.dat 2016-01-27 19:04 - 2009-07-14 11:57 - 00193644 _____ C:\Windows\system32\perfc007.dat 2016-01-27 19:04 - 2009-07-14 06:13 - 01947900 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-27 19:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-01-24 17:40 - 2015-08-17 12:45 - 00000000 ____D C:\ProgramData\BtCrashDumps 2016-01-24 17:25 - 2015-07-26 14:54 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-01-24 17:22 - 2011-08-25 09:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-01-23 21:36 - 2014-02-11 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Migration 2016-01-23 16:45 - 2013-09-13 08:02 - 00000000 ____D C:\ProgramData\Oracle 2016-01-22 12:34 - 2011-09-28 10:40 - 00000000 ____D C:\Program Files (x86)\Java 2016-01-22 12:33 - 2014-08-26 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-01-22 12:32 - 2015-09-02 09:55 - 00000000 ____D C:\Users\Stephanie\.oracle_jre_usage 2016-01-22 12:31 - 2014-10-31 08:34 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-01-22 11:38 - 2011-08-25 10:44 - 00000000 ____D C:\Users\Stephanie\AppData\Roaming\Dropbox 2016-01-20 23:50 - 2012-09-01 19:35 - 00000000 ____D C:\Users\Stephanie\AppData\Local\Spotify 2016-01-20 22:32 - 2012-09-01 19:35 - 00000000 ____D C:\Users\Stephanie\AppData\Roaming\Spotify 2016-01-20 15:40 - 2013-09-12 22:26 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-01-20 15:40 - 2013-09-12 22:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-20 15:40 - 2013-09-12 22:26 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-01-18 18:40 - 2015-08-18 23:04 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk 2016-01-18 18:40 - 2015-08-18 23:04 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk 2016-01-18 18:40 - 2015-08-18 23:04 - 00002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk 2016-01-18 18:12 - 2009-07-14 05:45 - 00495920 _____ C:\Windows\system32\FNTCACHE.DAT 2016-01-17 15:08 - 2012-05-20 14:54 - 00000000 ____D C:\Users\Stephanie\AppData\Roaming\gSyncit 2016-01-17 11:27 - 2013-10-25 14:42 - 00139328 _____ C:\Users\Stephanie\AppData\Local\GDIPFONTCACHEV1.DAT 2016-01-17 11:12 - 2013-02-02 19:02 - 00000000 ____D C:\Users\Stephanie\AppData\Roaming\MOBackup 2016-01-17 09:48 - 2015-07-10 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync 2016-01-17 08:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-01-16 19:44 - 2011-08-29 18:10 - 00000000 ____D C:\Program Files (x86)\Google 2016-01-15 16:34 - 2013-03-13 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-01-15 16:33 - 2013-03-13 10:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-15 16:33 - 2013-03-13 10:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-01-15 16:32 - 2013-08-14 09:25 - 00000000 ____D C:\Windows\system32\MRT 2016-01-15 16:17 - 2011-08-25 09:39 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-01-15 09:16 - 2014-12-11 07:32 - 00000000 ____D C:\Windows\system32\appraiser 2016-01-15 09:16 - 2014-05-06 23:04 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-01-15 00:56 - 2014-11-19 23:40 - 00000000 ____D C:\ProgramData\Package Cache 2016-01-15 00:32 - 2015-08-21 08:35 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-01-14 18:52 - 2011-08-25 09:38 - 00000000 ___RD C:\Users\Stephanie\Documents\Scanned Documents 2016-01-14 13:08 - 2015-01-20 21:24 - 00003060 _____ C:\Windows\System32\Tasks\HpWebReg.exe 2016-01-14 12:09 - 2011-08-25 08:47 - 00000000 ____D C:\Users\Stephanie\AppData\Roaming\Adobe 2016-01-10 12:42 - 2011-08-25 21:22 - 00000000 ____D C:\ProgramData\Sophos 2016-01-09 12:46 - 2014-06-06 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos 2016-01-09 12:46 - 2011-08-25 21:22 - 00000000 ____D C:\Program Files (x86)\Sophos 2016-01-09 11:09 - 2016-01-04 16:01 - 00000000 ____D C:\TEMP 2016-01-09 10:32 - 2009-07-14 11:57 - 00000000 ____D C:\Windows\system32\de 2016-01-09 09:43 - 2012-05-01 23:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-08 18:47 - 2011-11-01 19:45 - 00000000 ____D C:\Program Files (x86)\QuickTime 2016-01-08 10:43 - 2011-08-24 23:43 - 00000000 ____D C:\Users\Stephanie\AppData\Local\ElevatedDiagnostics 2016-01-07 11:30 - 2013-04-13 23:01 - 00625152 ___SH C:\Users\Stephanie\Desktop\Thumbs.db ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-09-08 22:19 - 2011-09-08 22:20 - 0539136 _____ () C:\Program Files\Passbild-Generator.exe 2011-08-29 18:02 - 2012-06-03 16:08 - 0000157 _____ () C:\Users\Stephanie\AppData\Roaming\default.rss 2012-02-23 11:04 - 2012-02-23 11:04 - 0000000 _____ () C:\Users\Stephanie\AppData\Roaming\downloads.m3u 2014-03-02 18:39 - 2015-11-06 15:19 - 0038448 _____ () C:\Users\Stephanie\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR 2014-02-11 13:10 - 2015-05-27 16:49 - 0012988 _____ () C:\Users\Stephanie\AppData\Roaming\Durch Trennzeichen getrennte Werte.CAL 2016-01-28 10:05 - 2016-01-28 10:05 - 0011439 _____ () C:\Users\Stephanie\AppData\Roaming\Durch Trennzeichen getrennte Werte.TSK 2012-08-15 22:02 - 2012-11-11 20:37 - 0038454 _____ () C:\Users\Stephanie\AppData\Roaming\Kommagetrennte Werte (Windows).ADR 2012-11-11 20:32 - 2012-11-11 20:32 - 0038458 _____ () C:\Users\Stephanie\AppData\Roaming\Microsoft Excel 97-2003.ADR 2013-09-28 15:16 - 2014-10-21 14:51 - 0016572 _____ () C:\Users\Stephanie\AppData\Roaming\OneCal.emf 2013-09-28 15:16 - 2014-11-18 18:02 - 0000622 _____ () C:\Users\Stephanie\AppData\Roaming\onecal.xml 2014-05-24 11:14 - 2014-05-24 11:17 - 0599704 _____ () C:\Users\Stephanie\AppData\Roaming\Scorch_Install.log 2014-12-16 09:22 - 2014-12-16 09:22 - 0031794 _____ () C:\Users\Stephanie\AppData\Local\13E5D428_stp.CIS 2014-12-16 09:22 - 2014-12-16 09:22 - 0000289 _____ () C:\Users\Stephanie\AppData\Local\13E5D428_stp.CIS.part 2014-12-16 09:21 - 2014-12-16 09:22 - 0382062 _____ () C:\Users\Stephanie\AppData\Local\6AC3B58C_stp.CIS 2014-12-16 09:21 - 2014-12-16 09:22 - 0000220 _____ () C:\Users\Stephanie\AppData\Local\6AC3B58C_stp.CIS.part 2011-08-28 12:11 - 2012-12-07 12:45 - 0001188 _____ () C:\Users\Stephanie\AppData\Local\crc32list11.txt 2011-08-30 11:08 - 2015-04-21 07:20 - 0014336 _____ () C:\Users\Stephanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-06-19 15:23 - 2015-06-19 15:23 - 2218685 _____ () C:\Users\Stephanie\AppData\Local\Innenwelten.pdf 2013-03-10 14:50 - 2013-03-10 14:50 - 0000739 _____ () C:\Users\Stephanie\AppData\Local\recently-used.xbel 2014-01-25 10:37 - 2015-07-15 22:35 - 0007624 _____ () C:\Users\Stephanie\AppData\Local\resmon.resmoncfg 2012-02-21 23:18 - 2012-02-21 23:22 - 0000072 _____ () C:\Users\Stephanie\AppData\Local\xobni_installer_updater.log 2014-05-08 00:09 - 2015-09-09 18:15 - 0000333 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\Stephanie\AppData\Local\Temp\blgikniv.dll C:\Users\Stephanie\AppData\Local\Temp\BSI.exe C:\Users\Stephanie\AppData\Local\Temp\CopyTransContactsMDHelper(1).exe C:\Users\Stephanie\AppData\Local\Temp\CopyTransContactsMDHelper(2).exe C:\Users\Stephanie\AppData\Local\Temp\CopyTransContactsMDHelper(3).exe C:\Users\Stephanie\AppData\Local\Temp\CopyTransContactsMDHelper.exe C:\Users\Stephanie\AppData\Local\Temp\dotnetfx.exe C:\Users\Stephanie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgah_67.dll C:\Users\Stephanie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvw0pbr.dll C:\Users\Stephanie\AppData\Local\Temp\Foxit Updater.exe C:\Users\Stephanie\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih.exe C:\Users\Stephanie\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Stephanie\AppData\Local\Temp\jre-8u60-windows-au.exe C:\Users\Stephanie\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Stephanie\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Stephanie\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Stephanie\AppData\Local\Temp\lowproc.exe C:\Users\Stephanie\AppData\Local\Temp\ofb_1_00.exe C:\Users\Stephanie\AppData\Local\Temp\On4UD.dll C:\Users\Stephanie\AppData\Local\Temp\onecal1.exe C:\Users\Stephanie\AppData\Local\Temp\outlooksoclconnector_2010_32.exe C:\Users\Stephanie\AppData\Local\Temp\outlook_2010_32.exe C:\Users\Stephanie\AppData\Local\Temp\qoxbxde_.dll C:\Users\Stephanie\AppData\Local\Temp\Setup.exe C:\Users\Stephanie\AppData\Local\Temp\SetupHook.Dll C:\Users\Stephanie\AppData\Local\Temp\shelper.dll C:\Users\Stephanie\AppData\Local\Temp\stubhelper.dll C:\Users\Stephanie\AppData\Local\Temp\sync2_2_64_2674_x86.exe C:\Users\Stephanie\AppData\Local\Temp\Synology Cloud Station Drive-4.0-4055.exe C:\Users\Stephanie\AppData\Local\Temp\Synology-Cloud-Station-Drive-Upgrader.exe C:\Users\Stephanie\AppData\Local\Temp\Synology-Cloud-Station-Upgrader.exe C:\Users\Stephanie\AppData\Local\Temp\tmp655C.exe C:\Users\Stephanie\AppData\Local\Temp\unrar.dll C:\Users\Stephanie\AppData\Local\Temp\vlc-2.1.3-win32.exe C:\Users\Stephanie\AppData\Local\Temp\vlc-2.1.5-win32.exe C:\Users\Stephanie\AppData\Local\Temp\wusetup.exE ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-29 11:14 ==================== Ende von FRST.txt ============================ |
| Themen zu Word-Anhang Büromarkt Boettcher in Vorschau geöffnet, ESET meldet JS/Astromenda.A u.a. |
| adobe, bonjour, computer, defender, dnsapi.dll, email, error, excel, explorer, firefox, flash player, google analytics, home, mozilla, onedrive, prozesse, registry, rundll, server, services.exe, software, svchost.exe, synology, system, temp, virus, windows, winlogon.exe, wiso |
Baum-Darstellung