|
Log-Analyse und Auswertung: GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
27.02.2016, 12:14 | #1 |
| GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Hallo liebes "Trojaner-Board.de"-Team; danke für Eure kostenlose Hilfe!! Seit einigen Tagen verschickt mein GMX-Account eigenständig Nachrichten an Adressbuchkontakte und auch an Kontakte, die ich nicht im Adressbuch habe!!! (Fb,WhatsApp,...???) Inhalt der Nachrichten ist: "Hello! New message, pease read hxxp://sereneplast.com/wild.php ***Mein Name***" Wichtige Info: Ich nutze GMX sowohl über die Homepage (gmx.net) von 2 Geräten aus ([Notebook= 1. FRST] + [Stand-PC= 2.FRST+Panda-Logfile]), als auch über mein Smartphone (GMX-App)... Ich habe keine Ahnung, wie ich vorgehen soll! Bitte um eure Hilfe Danke vielmals!!! FRST-Ergebnis Notebook Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016 durchgeführt von Benedikt (Administrator) auf NOTEBOOK (27-02-2016 11:46:48) Gestartet von C:\Users\Benedikt\Downloads Geladene Profile: Benedikt (Verfügbare Profile: Benedikt) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Intel Corporation) C:\Windows\System32\DptfParticipantDisplayService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) C:\Program Files (x86)\3InternetManager\3InternetManager.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe () C:\Windows\SysWOW64\UMonit64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Windows\System32\MRT.exe (Microsoft Corporation) C:\Windows\System32\MRT.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\14071AppMachine.Timber_3.1.5.0_x64__tr01v63sm0crm\TinderWin.UWP.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-15] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [920280 2015-04-17] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTek Computer Inc.) HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\...\RunOnce: [Uninstall C:\Users\Benedikt\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Benedikt\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\...\RunOnce: [Uninstall C:\Users\Benedikt\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Benedikt\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1" ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-24] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\..\Interfaces\{45c8af02-22a8-40a9-b968-2c9501bc0905}: [NameServer] 213.94.78.17 213.94.78.16 Tcpip\..\Interfaces\{56c3f028-1d4b-439f-9e30-e306595c8293}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{e9f2172e-35a7-4fcf-b5b8-785fe6c4f527}: [NameServer] 213.94.78.17 213.94.78.16 Internet Explorer: ================== HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://at.search.yahoo.com/?type=435371&fr=spigot-yhp-ie HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://asus13.msn.com/?pc=ASJB SearchScopes: HKU\S-1-5-21-3481499257-3068839652-1372755572-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3481499257-3068839652-1372755572-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3481499257-3068839652-1372755572-1001 -> {D504C739-CAF2-4C7A-9DD9-05900F5D96A0} URL = hxxps://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\0tg1pcio.default FF SelectedSearchEngine: Yahoo! FF Homepage: www.google.at FF Keyword.URL: hxxps://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=435371&p= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-08] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\0tg1pcio.default\searchplugins\yahoo_ff.xml [2016-01-26] FF Extension: Adblock Plus - C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\0tg1pcio.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation) R2 DptfParticipantDisplayService; C:\WINDOWS\System32\DptfParticipantDisplayService.exe [141944 2014-09-15] (Intel Corporation) R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2014-09-15] (Intel Corporation) R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2014-09-15] (Intel Corporation) R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2014-09-15] (Intel Corporation) R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2014-09-15] (Intel Corporation) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] () R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-27] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [97680 2015-07-28] (ASUS Corporation) S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation) S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-10-30] (Microsoft Corporation) S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2014-09-15] (Intel Corporation) R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2014-09-15] (Intel Corporation) S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2014-09-15] (Intel Corporation) S3 DptfDevGen; C:\Windows\System32\drivers\DptfDevGen.sys [78504 2014-09-15] (Intel Corporation) R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2014-09-15] (Intel Corporation) S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2014-09-15] (Intel Corporation) R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [290256 2014-09-15] (Intel Corporation) R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [495320 2014-09-15] (Intel Corporation) S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic) S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [246272 2013-06-29] (Huawei Technologies Co., Ltd.) R3 hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.) R3 hwusb_wwanecm; C:\Windows\System32\drivers\ew_wwanecm.sys [376448 2013-11-01] (Huawei Technologies Co., Ltd.) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] () R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] () R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation) S3 mtkmbim; C:\Windows\system32\DRIVERS\mtkmbim7_x64.sys [209920 2012-12-14] (MBB) R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation) R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 wdf_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [82944 2012-12-13] (MBB) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-27 11:46 - 2016-02-27 11:47 - 00017826 _____ C:\Users\Benedikt\Downloads\FRST.txt 2016-02-27 11:46 - 2016-02-27 11:46 - 02371072 _____ (Farbar) C:\Users\Benedikt\Downloads\FRST64.exe 2016-02-27 11:46 - 2016-02-27 11:46 - 00000000 ____D C:\FRST 2016-02-15 14:18 - 2016-02-15 14:18 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-02-15 14:18 - 2016-02-15 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-02-13 14:19 - 2016-02-13 17:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-12 10:43 - 2016-02-12 10:43 - 00022800 _____ C:\Users\Benedikt\Downloads\Grundriss D1 33m2.pdf 2016-02-10 20:50 - 2016-02-10 20:50 - 00361085 _____ C:\Users\Benedikt\Desktop\Gut gegen Nordwind Ticket 2.pdf 2016-02-10 20:49 - 2016-02-10 20:49 - 00361067 _____ C:\Users\Benedikt\Desktop\Gut gegen Nordwind Ticket 1.pdf 2016-02-10 16:34 - 2016-02-10 16:34 - 00263970 _____ C:\Users\Benedikt\Downloads\Folder_Vertragspartner_2015.pdf 2016-02-10 16:00 - 2016-02-10 16:00 - 00340867 _____ C:\Users\Benedikt\Downloads\Informationsbroschuere_Unfall_2015.pdf 2016-02-10 15:15 - 2016-02-10 22:02 - 00000000 ____D C:\Users\Benedikt\Desktop\Laufende Versicherungen 2016-02-10 14:53 - 2016-02-12 21:06 - 00000000 ____D C:\Users\Benedikt\Desktop\Dokumente für die Anstellung in Vorarlberg 2016-02-05 16:03 - 2016-02-05 16:03 - 00000000 ___HD C:\OneDriveTemp 2016-01-28 13:26 - 2016-02-27 11:09 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{99FC3452-8FE4-4418-8CFE-402BD7A9F452} 2016-01-28 02:20 - 2016-01-28 02:20 - 00717388 _____ C:\WINDOWS\Minidump\012816-6296-01.dmp 2016-01-28 02:20 - 2016-01-28 02:20 - 00000000 ____D C:\WINDOWS\Minidump ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-27 11:09 - 2015-10-30 19:35 - 00784192 _____ C:\WINDOWS\system32\perfh007.dat 2016-02-27 11:09 - 2015-10-30 19:35 - 00158488 _____ C:\WINDOWS\system32\perfc007.dat 2016-02-27 11:09 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-27 11:09 - 2015-08-06 15:00 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-27 11:07 - 2015-02-10 15:11 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-27 11:05 - 2015-02-01 14:17 - 00000094 _____ C:\Users\Benedikt\AppData\Roaming\sp_data.sys 2016-02-25 00:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-23 13:09 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-22 15:16 - 2015-07-18 18:10 - 00000000 ____D C:\Users\Benedikt\AppData\Roaming\Skype 2016-02-21 14:21 - 2016-01-10 22:15 - 00000000 ____D C:\Windows.old 2016-02-15 15:56 - 2015-02-01 14:17 - 00000000 ____D C:\Users\Benedikt\AppData\Local\Packages 2016-02-15 14:18 - 2015-07-18 18:10 - 00000000 ____D C:\Users\Benedikt\AppData\Local\Skype 2016-02-15 14:18 - 2015-07-18 18:09 - 00000000 ____D C:\ProgramData\Skype 2016-02-13 17:18 - 2015-10-12 16:34 - 00000000 ____D C:\ProgramData\tmp 2016-02-13 17:15 - 2015-02-01 14:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-10 00:16 - 2015-03-15 21:29 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 00:15 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-10 00:15 - 2015-03-15 21:29 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-05 16:03 - 2015-02-01 14:23 - 00000000 __RDO C:\Users\Benedikt\OneDrive 2016-02-05 15:48 - 2015-08-06 16:02 - 00002398 _____ C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-05 14:01 - 2015-02-08 14:10 - 00000000 ____D C:\Users\Benedikt\Documents\Karriere 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-28 12:57 - 2015-08-07 23:54 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2016-01-28 12:56 - 2016-01-10 22:20 - 00000000 ____D C:\Users\Benedikt 2016-01-28 12:56 - 2016-01-10 22:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-28 12:56 - 2015-02-01 14:17 - 00000000 __SHD C:\Users\Benedikt\IntelGraphicsProfiles 2016-01-28 02:20 - 2016-01-10 22:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-28 02:17 - 2015-05-22 03:24 - 00000000 ____D C:\Users\Benedikt\AppData\Roaming\uTorrent ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-01 14:17 - 2016-02-27 11:05 - 0000094 _____ () C:\Users\Benedikt\AppData\Roaming\sp_data.sys 2014-05-15 16:58 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-05-15 16:58 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-05-15 16:58 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS Einige Dateien in TEMP: ==================== C:\Users\Benedikt\AppData\Local\Temp\offer-2D0EB7EB-F90A-434B-B260-C4B0BD2CEF18.exe C:\Users\Benedikt\AppData\Local\Temp\offer-FFDEF875-9141-4EBF-8559-23AD11C347BC.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-10 11:28 ==================== Ende von FRST.txt ============================ FRST_Ergebnis Stand-PC Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016 durchgeführt von Ben (Administrator) auf BEN-PC (27-02-2016 12:21:57) Gestartet von J:\ Geladene Profile: Ben (Verfügbare Profile: Ben) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AMD) C:\Windows\System32\atieclxx.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (CMedia) C:\Program Files\ASUS Xonar D1 Audio\Customapp\AsusAudioCenter.exe () C:\Program Files\ASUS Xonar D1 Audio\Customapp\MXmon.exe () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (Akamai Technologies, Inc.) C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Akamai Technologies, Inc.) C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Apple Inc.) C:\Program Files\iTunes\iTunes.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor) HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.cpl,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-05-05] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [281088 2008-05-05] () HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3521424 2012-05-04] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2662424 2014-10-06] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security, S.L.) HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [Google Update] => C:\Users\Ben\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [KiesHelper] => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [955792 2012-05-04] (Samsung) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2012-05-04] () HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-03-08] (AMD) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [GalaxyClient] => C:\Games\GalaxyClient\GalaxyClient.exe /launchViaAutoStart HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [Dropbox Update] => C:\Users\Ben\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-23] (Dropbox, Inc.) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MountPoints2: {cecf4499-ad7e-11e1-bf40-002215ab262a} - J:\Startme.exe HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MountPoints2: {d37daeaf-dc5f-11e0-bd44-806e6f6e6963} - D:\AutoRun.exe HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MountPoints2: {f72e12aa-59f8-11e3-b7eb-002215ab262a} - J:\Autorun.exe ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-07-02] ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-05-09] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:50456;https=127.0.0.1:50456 Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{B1746085-C6EF-47B6-85F2-DE84A3ED9E92}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms} HKU\S-1-5-21-2716085258-967733617-559326010-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275 HKU\S-1-5-21-2716085258-967733617-559326010-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275 URLSearchHook: HKU\S-1-5-21-2716085258-967733617-559326010-1000 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms} SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279141&CUI=UN45848927823476813 SearchScopes: HKU\S-1-5-21-2716085258-967733617-559326010-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279141&CUI=UN45848927823476813 SearchScopes: HKU\S-1-5-21-2716085258-967733617-559326010-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275&q={searchTerms} SearchScopes: HKU\S-1-5-21-2716085258-967733617-559326010-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279141&CUI=UN45848927823476813 BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll [2014-08-30] (AVG Secure Search) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1415545959&from=amt&uid=WDCXWD20EARX-00PASB0_WD-WCAZA847027570275 FireFox: ======== FF ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll [Keine Datei] FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @gametap.com/npdd,version=1.0 -> C:\Program Files (x86)\Downloader\npdd.dll [2010-02-19] (Metaboli) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Ben\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @talk.google.com/O1DPlugin -> C:\Users\Ben\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ben\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-06] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-12-04] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Ben\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Ben\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml [2014-11-09] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2014-10-06] FF Extension: Image Search Options - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606\extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2015-09-09] FF Extension: British English Dictionary - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606\Extensions\en-GB@dictionaries.addons.mozilla.org [2015-12-20] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2016-02-12] [ist nicht signiert] FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-02-12] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-21] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\z8cixtga.default\extensions\faststartff@gmail.com => nicht gefunden FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden Chrome: ======= CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-24] CHR Extension: (Google Search) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-24] CHR Extension: (Kaspersky URL Advisor) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2012-10-12] CHR Extension: (Virtual Keyboard) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2012-10-12] CHR Extension: (uTorrentBar_DE) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc [2012-10-12] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT2851647&extensionData=<extension_data>] <==== ACHTUNG CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-10-12] CHR Extension: (WhiteSmoke B) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp [2013-08-24] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT3279141&extensionData=\u003Cextension_data\u003E] <==== ACHTUNG CHR Extension: (Gmail) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-24] CHR Extension: (Anti-Banner) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2012-10-12] CHR HKU\S-1-5-21-2716085258-967733617-559326010-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Ben\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-23] CHR HKU\S-1-5-21-2716085258-967733617-559326010-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oelbclnhkbhlhikfmpmbakbgeonbjjnp] - C:\Users\Ben\AppData\Local\CRE\oelbclnhkbhlhikfmpmbakbgeonbjjnp.crx [2013-02-14] CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Ben\AppData\Local\Temp\crxC62F.tmp <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] CHR HKLM-x32\...\Chrome\Extension: [oelbclnhkbhlhikfmpmbakbgeonbjjnp] - C:\Users\Ben\AppData\Local\CRE\oelbclnhkbhlhikfmpmbakbgeonbjjnp.crx [2013-02-14] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-01-29] (GOG.com) S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [Datei ist nicht signiert] R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security, S.L.) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-10-28] (Panda Security, S.L.) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-11-23] () R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security, S.L.) R2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-08-30] (AVG Secure Search) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 GalaxyClientService; "C:\Games\GalaxyClient\GalaxyClientService.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2012-04-02] () R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-30] (AVG Technologies) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1358336 2008-06-23] (C-Media Inc) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-22] (DT Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 FFUsbAudio; C:\Windows\System32\DRIVERS\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Ltd.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2012-04-02] () R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.) R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [57648 2015-05-20] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [73464 2015-08-31] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.) R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.) R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.) R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.) R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.) R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) S2 SVKP; C:\Windows\SysWOW64\SVKP.sys [2368 2012-07-13] (AntiCracking) [Datei ist nicht signiert] R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [Datei ist nicht signiert] U4 secdrv; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-27 12:21 - 2016-02-27 12:21 - 00000000 ____D C:\FRST 2016-02-27 10:37 - 2016-02-27 10:37 - 00000000 ____D C:\Users\Ben\Documents\Bands 2016-02-27 10:28 - 2016-02-27 10:28 - 00000000 ____D C:\Users\Ben\Documents\Versicherungen 2016-02-26 20:43 - 2016-02-26 20:44 - 00000000 ____D C:\Windows\LastGood 2016-02-25 00:39 - 2016-02-25 00:50 - 00000000 ____D C:\Users\Ben\Downloads\IBM SPSS Statistics v23 x64 2016-02-23 23:13 - 2016-02-24 01:03 - 00000000 ____D C:\Users\Ben\Downloads\Top Gun (Deluxe Edition) 2005 [Music From & Inspired By The Motion Picture] 2014 MP3 2016-02-23 23:12 - 2016-02-24 01:12 - 00000000 ____D C:\Users\Ben\Downloads\Jerry Lee Lewis - The Definitive Collection (2005) [320] vtwin88cube 2016-02-22 13:45 - 2016-02-22 13:54 - 00000000 ____D C:\ProgramData\firebird 2016-02-22 13:44 - 2016-02-22 13:44 - 79336865 _____ (Fairware24 ) C:\Users\Ben\Downloads\tarifrechnersetupoesterreich.exe 2016-02-22 13:44 - 2016-02-22 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Janitos 2016-02-22 13:44 - 2016-02-22 13:44 - 00000000 ____D C:\ProgramData\JanitosTarifrechner 2016-02-22 13:44 - 2016-02-22 13:44 - 00000000 ____D C:\Program Files (x86)\Fairware24 2016-02-20 15:17 - 2016-02-20 15:17 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-02-18 20:26 - 2016-02-22 14:08 - 00013881 _____ C:\Users\Ben\Desktop\Finanzübersicht.xlsx 2016-02-12 11:31 - 2016-02-18 17:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-10 11:07 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-02-10 11:07 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-02-10 11:07 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-02-10 11:07 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-02-10 11:07 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-02-10 11:07 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-02-10 11:07 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-02-10 11:07 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-02-10 11:07 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-02-10 11:07 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-02-10 11:07 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-02-10 11:07 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-02-10 11:07 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-02-10 11:07 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-02-10 11:07 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-02-10 11:07 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-02-10 11:07 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-02-10 11:07 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-02-10 11:07 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-02-10 11:07 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-02-10 11:07 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-02-10 11:07 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-02-10 11:07 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-02-10 11:07 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-02-10 11:07 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-02-10 11:07 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-02-10 11:07 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-02-10 11:07 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-02-10 11:07 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-02-10 11:07 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-02-10 11:07 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-02-10 11:07 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-02-10 11:07 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-02-10 11:07 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-02-10 11:07 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-02-10 11:07 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-02-10 11:07 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-02-10 11:07 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-02-10 11:07 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-02-10 11:07 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-02-10 11:07 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-02-10 11:07 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-02-10 11:07 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-02-10 11:07 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-02-10 11:07 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-02-10 11:07 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-02-10 11:07 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-02-10 11:07 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-02-10 11:07 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-02-10 11:07 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-02-10 11:07 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-02-10 11:07 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-02-10 11:07 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-02-10 11:07 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-02-10 11:07 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-02-10 11:07 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-02-10 11:07 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-02-10 11:07 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-02-10 11:07 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-02-10 11:07 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-02-10 11:07 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-02-10 11:07 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-02-10 11:07 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-02-10 11:07 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-02-10 11:07 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-02-10 11:07 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-02-10 11:07 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-02-10 11:07 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-02-10 11:07 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-02-10 11:07 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2016-02-10 11:07 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-02-10 11:06 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-02-10 11:06 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-02-10 11:06 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-02-10 11:06 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-02-10 11:06 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-02-10 11:06 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-02-10 11:06 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-02-10 11:06 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2016-02-10 11:06 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2016-02-10 11:06 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-02-10 11:06 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-02-10 11:06 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-02-10 11:06 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-02-10 11:06 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-02-10 11:06 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-02-10 11:06 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-02-10 11:06 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-02-10 11:06 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-02-10 11:06 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-02-10 11:06 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-02-10 11:06 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-02-10 11:06 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-02-10 11:06 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-02-10 11:06 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-02-10 11:06 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2016-02-10 11:06 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-02-10 11:06 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-02-10 11:06 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-02-10 11:06 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-02-10 11:06 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-02-10 11:06 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-02-10 11:06 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-02-10 11:06 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-02-10 11:06 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-02-10 11:06 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-02-10 11:06 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-02-10 11:06 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-02-10 11:06 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-02-10 11:06 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-02-10 11:06 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-02-10 11:06 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-02-10 11:06 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-02-10 11:06 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-02-10 11:06 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-02-10 11:06 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-02-10 11:06 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-02-10 11:06 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-02-10 11:06 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-02-10 11:06 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-02-10 11:06 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-02-10 11:06 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-02-10 11:06 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-02-10 11:06 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-02-10 11:06 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-02-10 11:06 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-02-10 11:06 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-02-10 11:05 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-02-10 11:05 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-02-10 11:05 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-02-10 11:05 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-02-10 11:05 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-02-10 11:05 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-02-10 11:05 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-02-10 11:05 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-02-10 11:05 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-02-10 11:05 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-02-10 11:05 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-02-10 11:05 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-02-09 18:40 - 2015-05-22 09:45 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys 2016-02-05 16:02 - 2016-02-05 16:02 - 00056831 _____ C:\Users\Ben\Desktop\A-Trust Signaturvertrag 1287349.pdf 2016-01-30 15:55 - 2016-01-30 15:55 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Watch Dogs ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-27 12:18 - 2015-10-23 12:13 - 00001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA.job 2016-02-27 11:50 - 2012-09-17 10:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-02-27 11:44 - 2011-11-11 14:32 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA.job 2016-02-27 11:43 - 2012-05-10 19:55 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-27 11:04 - 2011-10-21 13:02 - 00000000 ____D C:\Users\Ben\Documents\Jobs 2016-02-27 11:03 - 2014-07-16 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2016-02-27 11:03 - 2012-05-22 15:42 - 00000000 ____D C:\Games 2016-02-27 11:01 - 2014-10-30 22:05 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-27 10:39 - 2016-01-21 23:25 - 00000000 ____D C:\Users\Ben\AppData\Local\TechSmith 2016-02-27 10:39 - 2016-01-21 23:24 - 00000000 ____D C:\ProgramData\TechSmith 2016-02-27 10:37 - 2012-04-18 15:10 - 00000000 ____D C:\Users\Ben\Documents\Steinberg 2016-02-27 10:36 - 2013-05-15 19:37 - 00000000 ____D C:\Users\Ben\Documents\EndNote 2016-02-27 10:36 - 2012-10-21 20:04 - 00000000 ____D C:\Users\Ben\Documents\Finale-Dateien 2016-02-27 10:35 - 2011-11-24 20:43 - 00000000 ____D C:\Users\Ben\Desktop\My Games 2016-02-27 10:32 - 2016-01-22 10:01 - 00000000 ____D C:\Users\Ben\AppData\Local\CrashDumps 2016-02-27 10:08 - 2011-09-25 21:10 - 00000000 ____D C:\Users\Ben\AppData\Local\Adobe 2016-02-26 20:51 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-26 20:51 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-26 20:44 - 2012-05-10 19:55 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-26 20:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-02-25 00:53 - 2011-10-13 15:07 - 00000000 ____D C:\Users\Ben\AppData\Roaming\uTorrent 2016-02-25 00:40 - 2015-07-21 21:27 - 00000000 ____D C:\Users\Ben\Desktop\Lenny 2016-02-24 16:01 - 2011-10-01 17:12 - 00000000 ____D C:\Users\Ben\AppData\Roaming\vlc 2016-02-24 14:10 - 2015-10-23 12:13 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core.job 2016-02-24 12:43 - 2011-11-11 14:32 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core.job 2016-02-21 18:11 - 2012-10-31 10:50 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Skype 2016-02-20 15:17 - 2011-10-30 12:12 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Dropbox 2016-02-19 21:54 - 2012-10-12 22:29 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-19 21:54 - 2011-11-11 14:33 - 00002377 _____ C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-18 18:29 - 2011-09-11 13:45 - 00000000 ____D C:\Users\Ben\AppData\Local\Microsoft Help 2016-02-18 17:05 - 2012-04-25 13:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-16 16:51 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat 2016-02-16 16:51 - 2011-04-12 08:43 - 00149572 _____ C:\Windows\system32\perfc007.dat 2016-02-16 16:51 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2016-02-16 16:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-02-12 22:45 - 2011-09-18 11:26 - 00000000 ____D C:\Users\Ben\AppData\Roaming\TS3Client 2016-02-11 19:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-02-10 20:50 - 2012-09-17 10:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-02-10 20:50 - 2012-09-17 10:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-02-10 20:50 - 2011-09-11 12:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-10 20:21 - 2015-10-12 21:31 - 00003568 _____ C:\Windows\System32\Tasks\TinyTakeUpgrade 2016-02-10 20:14 - 2009-07-14 05:45 - 00503416 _____ C:\Windows\system32\FNTCACHE.DAT 2016-02-10 20:11 - 2014-12-10 23:00 - 00000000 ____D C:\Windows\system32\appraiser 2016-02-10 20:11 - 2014-05-06 22:48 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-02-10 20:11 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 16:14 - 2013-08-16 02:01 - 00000000 ____D C:\Windows\system32\MRT 2016-02-10 16:06 - 2011-09-12 18:52 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-02-09 23:05 - 2011-10-30 12:48 - 00000000 ___RD C:\Users\Ben\Dropbox 2016-02-02 12:38 - 2012-05-10 19:55 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-02 12:38 - 2012-05-10 19:55 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-02 12:38 - 2011-11-11 14:32 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA 2016-02-02 12:38 - 2011-11-11 14:32 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core 2016-01-30 22:21 - 2014-07-31 16:44 - 00000000 ____D C:\ProgramData\Orbit 2016-01-30 15:55 - 2016-01-15 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics 2016-01-29 11:07 - 2015-05-21 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2016-01-28 23:32 - 2012-10-12 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-05-10 22:15 - 2015-10-12 21:26 - 0011264 _____ () C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2008-02-05 12:28 - 2008-02-05 12:28 - 0000051 _____ () C:\Users\Ben\AppData\Local\setup.txt 2011-10-26 19:37 - 2011-10-26 19:37 - 0017408 _____ () C:\Users\Ben\AppData\Local\WebpageIcons.db Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Ben\PhotoshopElements_12_LS25.exe C:\Users\Ben\PremiereElements_12_LS26_win64.exe Einige Dateien in TEMP: ==================== C:\Users\Ben\AppData\Local\Temp\12-10_vista_win7_win8_64_dd_ccc_whql_net4.exe C:\Users\Ben\AppData\Local\Temp\12-1_vista_win7_64_dd_ccc.exe C:\Users\Ben\AppData\Local\Temp\41nohh3x344.jpg.exe C:\Users\Ben\AppData\Local\Temp\7za.exe C:\Users\Ben\AppData\Local\Temp\aacdec.exe C:\Users\Ben\AppData\Local\Temp\ABP_InstallChecker.exe C:\Users\Ben\AppData\Local\Temp\ABP_TB0001.exe C:\Users\Ben\AppData\Local\Temp\Bass.dll C:\Users\Ben\AppData\Local\Temp\Bass.Net.dll C:\Users\Ben\AppData\Local\Temp\binkw32.dll C:\Users\Ben\AppData\Local\Temp\bundlesweetimsetup.exe C:\Users\Ben\AppData\Local\Temp\CH.dll C:\Users\Ben\AppData\Local\Temp\CNC4LauncherUpdate.exe C:\Users\Ben\AppData\Local\Temp\d2l_Install.exe C:\Users\Ben\AppData\Local\Temp\DownloadSetup_94Zvk.exe C:\Users\Ben\AppData\Local\Temp\drm_dialogs.dll C:\Users\Ben\AppData\Local\Temp\drm_dyndata_7270014.dll C:\Users\Ben\AppData\Local\Temp\drm_dyndata_7330014.dll C:\Users\Ben\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgeeud6.dll C:\Users\Ben\AppData\Local\Temp\DWPUpgradeInstaller.exe C:\Users\Ben\AppData\Local\Temp\EBU1768.exe C:\Users\Ben\AppData\Local\Temp\EBU1FC2.DLL C:\Users\Ben\AppData\Local\Temp\ESET-activation.exe C:\Users\Ben\AppData\Local\Temp\installerdll1074534.dll C:\Users\Ben\AppData\Local\Temp\installerdll1333761.dll C:\Users\Ben\AppData\Local\Temp\installerdll1656777.dll C:\Users\Ben\AppData\Local\Temp\installerdll708150.dll C:\Users\Ben\AppData\Local\Temp\installerdll718790.dll C:\Users\Ben\AppData\Local\Temp\installerdll9768720.dll C:\Users\Ben\AppData\Local\Temp\installerdll9778891.dll C:\Users\Ben\AppData\Local\Temp\iw5sp.exe C:\Users\Ben\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Ben\AppData\Local\Temp\Offer100.exe C:\Users\Ben\AppData\Local\Temp\ose00000.exe C:\Users\Ben\AppData\Local\Temp\pixsetup.exe C:\Users\Ben\AppData\Local\Temp\readSTILog.dll C:\Users\Ben\AppData\Local\Temp\Risweb32.exe C:\Users\Ben\AppData\Local\Temp\rootsupd.exe C:\Users\Ben\AppData\Local\Temp\rundll32.exe C:\Users\Ben\AppData\Local\Temp\SecurityScan_Release.exe C:\Users\Ben\AppData\Local\Temp\Setup.exe C:\Users\Ben\AppData\Local\Temp\sonarinst.exe C:\Users\Ben\AppData\Local\Temp\tmp2C13.exe C:\Users\Ben\AppData\Local\Temp\tmp3217.exe C:\Users\Ben\AppData\Local\Temp\tmp7E05.exe C:\Users\Ben\AppData\Local\Temp\tmp8F24.exe C:\Users\Ben\AppData\Local\Temp\tmpB71E.exe C:\Users\Ben\AppData\Local\Temp\tmpDA57.exe C:\Users\Ben\AppData\Local\Temp\tmpDD24.exe C:\Users\Ben\AppData\Local\Temp\Tsu-0DA4.dll C:\Users\Ben\AppData\Local\Temp\Tsu4F6041C1.dll C:\Users\Ben\AppData\Local\Temp\ubiFA46.tmp.exe C:\Users\Ben\AppData\Local\Temp\unrar.dll C:\Users\Ben\AppData\Local\Temp\utils.dll C:\Users\Ben\AppData\Local\Temp\utt9DB2.tmp.exe C:\Users\Ben\AppData\Local\Temp\vcredist_x64.exe C:\Users\Ben\AppData\Local\Temp\vcredist_x86.exe C:\Users\Ben\AppData\Local\Temp\vlc-2.0.2-win32.exe C:\Users\Ben\AppData\Local\Temp\vlc-2.0.5-win32.exe C:\Users\Ben\AppData\Local\Temp\vlc-2.1.1-win32.exe C:\Users\Ben\AppData\Local\Temp\vlc-2.1.5-win32.exe C:\Users\Ben\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe C:\Users\Ben\AppData\Local\Temp\YontooSetup-S.exe C:\Users\Ben\AppData\Local\Temp\_is737E.exe C:\Users\Ben\AppData\Local\Temp\_isB6F0.exe C:\Users\Ben\AppData\Local\Temp\_isFE2C.exe C:\Users\Ben\AppData\Local\Temp\{A6F12165-3DEB-4252-AD1C-B55F3D795187}.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-18 19:10 ==================== Ende von FRST.txt ============================ Code:
ATTFilter timestamp,job Id,profile,date,job type,task type,file (path),pid,result 57543261, 7670, 1, Sat Feb 27 12:41:49 2016, Analysis request, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player FLV Player.lnk, 3752 57543261, 7670, 1, Sat Feb 27 12:41:49 2016, Analysis result, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player FLV Player.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57543324, 7671, 1, Sat Feb 27 12:41:49 2016, Analysis request, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player Uninstall FLV Player.lnk, 3752 57543324, 7671, 1, Sat Feb 27 12:41:49 2016, Analysis result, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\FLV Player Uninstall FLV Player.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57543480, 7672, 1, Sat Feb 27 12:41:49 2016, Analysis request, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus\Panda Free Antivirus.lnk, 3752 57543480, 7672, 1, Sat Feb 27 12:41:49 2016, Analysis result, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus\Panda Free Antivirus.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57543511, 7673, 1, Sat Feb 27 12:41:49 2016, Analysis request, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite\USB Audio & MIDI Driver\Audio Control Panel.lnk, 3752 57543511, 7673, 1, Sat Feb 27 12:41:49 2016, Analysis result, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite\USB Audio & MIDI Driver\Audio Control Panel.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57544276, 7674, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS EXE, C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll, 7080 57544276, 7674, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS EXE, C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll, 7080, OFFLINE, 24-02-2016 14:38,, A49748E70AF82131C256C40BDF8F538D, 10, 1, -, 0, 0, 0, - 57544307, 7675, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\rtl120.bpl, 4540 57544307, 7675, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\rtl120.bpl, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57544307, 7676, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\vcl120.bpl, 4540 57544307, 7676, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\vcl120.bpl, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57544307, 7677, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Windows\SysWOW64\winspool.drv, 4540 57544307, 7677, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Windows\SysWOW64\winspool.drv, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57544307, 7678, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUACtrls.bpl, 4540 57544307, 7678, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUACtrls.bpl, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57544307, 7679, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\bcbie120.bpl, 4540 57544307, 7679, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Panda Security\Panda Security Protection\bcbie120.bpl, 4540, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57544322, 7680, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS EXE, C:\Windows\System32\NlsData001a.dll, 4164 57544447, 7680, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS EXE, C:\Windows\System32\NlsData001a.dll, 4164, OFFLINE, 24-02-2016 14:38,,, -, -, -, 30, -, -, - 57544572, 7681, 1, Sat Feb 27 12:41:50 2016, Analysis request, ON ACCESS EXE, C:\Windows\System32\NlsLexicons001a.dll, 4164 57544619, 7681, 1, Sat Feb 27 12:41:50 2016, Analysis result, ON ACCESS EXE, C:\Windows\System32\NlsLexicons001a.dll, 4164, OFFLINE, 24-02-2016 14:38,,, -, -, -, 30, -, -, - 57550890, 7685, 1, Sat Feb 27 12:41:57 2016, Analysis request, ON ACCESS EXECUTION, C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE, 4428 57550921, 7685, 1, Sat Feb 27 12:41:57 2016, Analysis result, ON ACCESS EXECUTION, C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE, 4428, OFFLINE, 24-02-2016 14:38,, DC353503FD136FABFA63840B229DD7F5, -, -, -, -, 30, -, 0 57550999, 7686, 1, Sat Feb 27 12:41:57 2016, Analysis request, ON ACCESS, C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF, 4428 57550999, 7686, 1, Sat Feb 27 12:41:57 2016, Analysis result, ON ACCESS, C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF, 4428, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57606832, 7689, 1, Sat Feb 27 12:42:53 2016, Analysis request, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 7 64bit\Dokumentation\English\PlugIn-Referenz.lnk, 3752 57606832, 7689, 1, Sat Feb 27 12:42:53 2016, Analysis result, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 7 64bit\Dokumentation\English\PlugIn-Referenz.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57606863, 7690, 1, Sat Feb 27 12:42:53 2016, Analysis request, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet 200 color M251\Produktsoftware deinstallieren.lnk, 3752 57606863, 7690, 1, Sat Feb 27 12:42:53 2016, Analysis result, ON ACCESS, C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP\HP LaserJet 200 color M251\Produktsoftware deinstallieren.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57607082, 7691, 1, Sat Feb 27 12:42:53 2016, Analysis request, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk, 3752 57607082, 7691, 1, Sat Feb 27 12:42:53 2016, Analysis result, ON ACCESS, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - 57608267, 7692, 1, Sat Feb 27 12:42:54 2016, Analysis request, ON ACCESS EXE, C:\Windows\System32\SNTSearch.dll, 3752 57608283, 7692, 1, Sat Feb 27 12:42:54 2016, Analysis result, ON ACCESS EXE, C:\Windows\System32\SNTSearch.dll, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, 30, -, -, - 57608361, 7693, 1, Sat Feb 27 12:42:54 2016, Analysis request, ON ACCESS, C:\Users\Ben\Desktop\Panda Free Antivirus.lnk, 3752 57608361, 7693, 1, Sat Feb 27 12:42:54 2016, Analysis result, ON ACCESS, C:\Users\Ben\Desktop\Panda Free Antivirus.lnk, 3752, OFFLINE, 24-02-2016 14:38,,, -, -, -, -, -, 0, - Geändert von Benkenobi (27.02.2016 um 12:46 Uhr) |
27.02.2016, 21:26 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! moin
__________________Addition.txt Logfile fehlt, bitte nachreichen. Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
28.02.2016, 12:09 | #3 |
| GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Sorry, hier bitte...
__________________Addition Notebook Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016 durchgeführt von Benedikt (2016-02-27 11:47:27) Gestartet von C:\Users\Benedikt\Downloads Windows 10 Home Version 1511 (X64) (2016-01-10 21:27:41) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3481499257-3068839652-1372755572-500 - Administrator - Disabled) Benedikt (S-1-5-21-3481499257-3068839652-1372755572-1001 - Administrator - Enabled) => C:\Users\Benedikt DefaultAccount (S-1-5-21-3481499257-3068839652-1372755572-503 - Limited - Disabled) Gast (S-1-5-21-3481499257-3068839652-1372755572-501 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) 3InternetManager (HKLM-x32\...\3InternetManager) (Version: 3.1.0.169 - Hutchison Drei Austria GmbH) 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe) Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.1 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS) BIPA FotoShop (HKLM-x32\...\BIPA FotoShop) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) EndNote X6 (HKLM-x32\...\{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}) (Version: 16.0.1.6599 - Thomson Reuters) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4787.1002 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4787.1002 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) NVIDIA Graphics Driver 333.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 333.02 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden Realtek USB Fast Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.13.106.2014 - Realtek) RescuePRO Deluxe 5.2.5.6 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 5.2.5.6 - LC Technology International, Inc.) ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - ) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.) Startfenster (HKLM-x32\...\Startfenster) (Version: - Startfenster) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows-Treiberpaket - ASUS (ATP) Mouse (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS) Windows-Treiberpaket - MediaTek (wdf_usb) Modem (12/10/2012 1.0.1250.0) (HKLM\...\109193E5BE35D1873F3B0C1F539D4716499C8131) (Version: 12/10/2012 1.0.1250.0 - MediaTek) Windows-Treiberpaket - MediaTek (wdf_usb) Ports (12/10/2012 1.0.1250.0) (HKLM\...\4C0A5FC4365B283849D4F6C6D4DCCEB7675A25FC) (Version: 12/10/2012 1.0.1250.0 - MediaTek) Windows-Treiberpaket - MediaTek Inc. (mtkmbim) Net (12/14/2012 1.12.50.1) (HKLM\...\828C056ECF03C21200ED05F187788F5D109292A4) (Version: 12/14/2012 1.12.50.1 - MediaTek Inc.) Windows-Treiberpaket - MediaTek Inc. (mtkmbim) Net (12/14/2012 1.12.50.1) (HKLM\...\C578DA937710F3D814F55953CE11CD7CC8D4330E) (Version: 12/14/2012 1.12.50.1 - MediaTek Inc.) Windows-Treiberpaket - MediaTek Inc. (mtkmbim) Net (12/14/2012 1.12.50.1) (HKLM\...\E203C14866DFC39313EC771E058A7D006F255B48) (Version: 12/14/2012 1.12.50.1 - MediaTek Inc.) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3481499257-3068839652-1372755572-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Benedikt\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0101CF41-3795-4D2D-B888-16906A83E677} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {1E786C9D-2FF6-4DAE-9B36-60C6625F9B78} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {22F83E8C-17CF-443E-BF26-A1DA25826DF0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {2F4BA75D-2271-46B0-9503-A38974DAB89D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {31B9343F-2449-4391-A0FF-8F30F9269CF7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {35F6A107-001E-452D-A4BA-550DF245FA8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-07-09] (ASUSTek Computer Inc.) Task: {43AA1CBB-91D2-4777-8186-B52466AE7518} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {4519DB7B-374F-43DD-A2C1-BBF2DE1A73E5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) Task: {482398AF-ACB6-43C6-A6B9-E56FBD44AD16} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {52BD3DE1-06A3-480C-8682-3A9F9B15DB2A} - System32\Tasks\1014avtUpdateInfo => C:\ProgramData\Avg_Update_1014avt\1014avt_AVG-Secure-Search-Update.exe [2014-09-23] () Task: {5AB90680-DDA9-4C7C-A00F-A6821C6D5308} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {61490819-7615-4E84-885C-F7C1AD9C45BE} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS) Task: {65A7937B-EE93-44A8-92A9-9FB1163865EB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {7CFA0728-5C7F-4B13-ACFA-B53D97B4074F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation) Task: {8A7CBCC8-9C5B-4A27-9E43-3A1F7D0A1257} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {8AFCE532-9F63-4E6A-8BD1-718DD44BF66A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-01-22] (Microsoft Corporation) Task: {960DD0B9-9C60-4935-8094-825DB0309CB2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {9BBA687E-D6BC-405D-A9DD-A9B5835543FF} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.) Task: {AE912C8D-031A-465B-BADB-DDB09528A160} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-26] () Task: {BFFB920E-E4EF-488E-9020-A45FA24D37ED} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated) Task: {C6662A49-BC35-4260-8CA1-85B6AF158699} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek) Task: {DC2F0531-617E-4EB7-BD34-7C37B07565B1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation) Task: {ECF14642-0B1D-41E9-BDD4-7BEC01F51A80} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation) Task: {F59FC8CD-AB31-4019-A052-CD22AE6C93DA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {FF9E8889-D7E4-4967-9DF4-E742C56DB1FF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\1014avtUpdateInfo.job => C:\ProgramData\Avg_Update_1014avt\1014avt_AVG-Secure-Search-Update.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-01-10 22:19 - 2015-07-13 18:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-02-08 11:32 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-10-28 03:02 - 2013-10-28 03:02 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2013-12-04 09:44 - 2013-12-04 09:44 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-12-04 09:44 - 2013-12-04 09:44 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-12-04 09:44 - 2013-12-04 09:44 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2016-01-10 22:14 - 2016-01-10 22:14 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-01-10 22:14 - 2016-01-10 22:14 - 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-01-10 22:14 - 2016-01-10 22:14 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-01-10 22:14 - 2016-01-10 22:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-01-10 22:14 - 2016-01-10 22:14 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-27 15:11 - 2015-12-27 15:11 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2014-11-30 04:53 - 2014-02-26 04:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe 2016-01-13 22:42 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 22:42 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-13 22:42 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-13 22:42 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-02-05 13:44 - 2016-02-05 13:44 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-02-05 13:44 - 2016-02-05 13:44 - 14869504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-11-20 10:42 - 2015-11-20 10:42 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2015-12-13 17:53 - 2015-12-13 17:53 - 00014848 _____ () C:\Program Files\WindowsApps\14071AppMachine.Timber_3.1.5.0_x64__tr01v63sm0crm\TinderWin.UWP.exe 2015-12-13 17:53 - 2015-12-13 17:53 - 12217856 _____ () C:\Program Files\WindowsApps\14071AppMachine.Timber_3.1.5.0_x64__tr01v63sm0crm\TinderWin.UWP.dll 2016-02-06 09:57 - 2016-02-06 09:57 - 03841944 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.0.1602.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll 2016-01-21 19:36 - 2016-01-21 19:37 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2014-11-30 04:47 - 2013-12-09 16:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll 2015-07-26 15:49 - 2014-01-09 14:15 - 01146880 ____N () C:\Program Files (x86)\3InternetManager\NDISAPI.DLL 2015-07-26 15:49 - 2013-10-16 13:23 - 00759296 ____N () C:\Program Files (x86)\3InternetManager\Skins\drei\drei.dbskin 2016-01-21 19:36 - 2016-01-21 19:37 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-21 19:36 - 2016-01-21 19:37 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2015-12-24 13:32 - 00000860 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3481499257-3068839652-1372755572-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Benedikt\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\edit 1_golden eagle.jpg DNS Servers: 213.94.78.17 - 213.94.78.16 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{103D2A72-7675-4AF3-9FC4-1128D631B841}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{F228760B-9A0A-4FF2-9B23-CBC7A068E4F3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{BEBB0348-C085-413D-A3C1-F6871D475E6D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{6DC3143F-C390-422B-BB8E-3DD573C0D552}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{05463B71-033E-450A-AEBA-F8875F370A49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0E1B0C5E-4AA3-40DA-815B-971B15CD9AA6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{33005BCD-8679-4184-BDA5-C08C00C9351D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{0BADF244-8846-4D4E-8E40-D628DAEFEC04}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{9AE4770D-CE75-42ED-BE37-F453C32BED77}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{C09C2E3A-79DE-4C82-8A92-AFC7D50A906D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{93F8D336-9C9B-4236-9EAB-CBC65ED0920E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B14A9FE1-FE3F-4498-AE56-49697ED4FA52}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{E6E2D906-9778-4C11-B3CF-49CC650AB120}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{95AD198A-A3C1-445C-8EF3-C61FA2256157}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{AB98BA59-7C15-4318-B850-E1AEC4A7EC9A}] => (Allow) C:\Users\Benedikt\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{C9BAEA9C-0FB4-4648-AE17-9402B7041785}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{2D2C5B2E-87B5-4025-86EE-BE453B8FD819}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{E264A315-0772-4E15-81F5-0EFBC2AC8F5A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{8D581717-7BF6-4F8F-A41E-B9DDB9FF9906}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{06F5216A-8133-4412-8653-060468918C9B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{70E10264-8468-4351-904E-5D214AA8FA2C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [TCP Query User{D488FB30-9969-4D36-85F1-BBDB4EFDC777}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{5BA5061D-177C-45B2-84A0-C631E4A9CBD8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{144D497A-50C1-42D8-9633-55A5199ED0C3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{9C11FBB2-3181-4DE9-BAC6-CC67745DE4F6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{4B92BF2A-A7C0-41A7-9A52-4038BE981DCE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{77D82DE9-DA75-4B09-987F-553B8F635390}] => (Allow) C:\Program Files (x86)\3InternetManager\3InternetManager.exe FirewallRules: [{5CC15A17-402C-43B9-A32C-BF736DDDEE6B}] => (Allow) C:\Program Files (x86)\3InternetManager\3InternetManager.exe FirewallRules: [TCP Query User{C47E6901-C673-44D8-A8CC-6D8DC7AD7B94}C:\users\benedikt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\benedikt\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{8CDE1CA5-B8EB-45C0-81AE-35099F43C376}C:\users\benedikt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\benedikt\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{68EADD48-D218-4943-94B5-4584457AC613}C:\users\benedikt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\benedikt\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{C575F777-52E4-4618-8D51-7604C70B0539}C:\users\benedikt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\benedikt\appdata\roaming\utorrent\utorrent.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/27/2016 11:15:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -2143485936 Error: (02/27/2016 11:15:31 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {3562ACC9-EC85-43E4-84B0-CABA5E3BFB5C} Error: (02/27/2016 11:15:31 AM) (Source: Microsoft Office 15) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {3562ACC9-EC85-43E4-84B0-CABA5E3BFB5C} Error: (02/27/2016 11:05:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NOTEBOOK) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (02/25/2016 12:21:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CSISYNCCLIENT.EXE, Version: 15.0.4779.1000, Zeitstempel: 0x5641a1e2 Name des fehlerhaften Moduls: mso.dll, Version: 0.0.0.0, Zeitstempel: 0x567a3159 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0016b2cf ID des fehlerhaften Prozesses: 0x2614 Startzeit der fehlerhaften Anwendung: 0xCSISYNCCLIENT.EXE0 Pfad der fehlerhaften Anwendung: CSISYNCCLIENT.EXE1 Pfad des fehlerhaften Moduls: CSISYNCCLIENT.EXE2 Berichtskennung: CSISYNCCLIENT.EXE3 Vollständiger Name des fehlerhaften Pakets: CSISYNCCLIENT.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CSISYNCCLIENT.EXE5 Error: (02/25/2016 09:28:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NOTEBOOK) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (02/25/2016 09:28:54 AM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - CProcess::GetProcessFullName Unable to get the image full name for the process( ID=13676), GLE=5. Error: (02/25/2016 12:37:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NOTEBOOK) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (02/24/2016 05:19:55 AM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (02/24/2016 05:19:53 AM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Systemfehler: ============= Error: (02/27/2016 11:20:16 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (02/25/2016 02:08:13 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (02/24/2016 02:51:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (02/23/2016 01:09:29 PM) (Source: DCOM) (EventID: 10001) (User: NOTEBOOK) Description: "C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer15616App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mcaNicht verfügbarNicht verfügbar Error: (02/23/2016 01:06:13 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (02/22/2016 03:27:42 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (02/21/2016 11:37:25 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (02/21/2016 02:56:13 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (02/20/2016 09:51:47 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (02/19/2016 03:14:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} CodeIntegrity: =================================== Date: 2016-02-15 15:03:22.743 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-10 00:56:30.878 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-30 13:00:44.019 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-18 10:25:18.809 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-17 00:44:46.590 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-16 17:41:12.979 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-15 17:27:12.364 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-15 09:46:01.829 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-14 11:29:40.337 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-12 00:44:52.039 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Prozentuale Nutzung des RAM: 40% Installierter physikalischer RAM: 8080.91 MB Verfügbarer physikalischer RAM: 4780.56 MB Summe virtueller Speicher: 9834.13 MB Verfügbarer virtueller Speicher: 3146 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:94.93 GB) (Free:28.67 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data) (Fixed) (Total:130.86 GB) (Free:36.7 GB) NTFS Drive e: (3InternetManager) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: B9B10D10) Partition: GPT. ==================== Ende von Addition.txt ============================ Addition Stand-PC Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016 durchgeführt von Ben (2016-02-27 12:22:31) Gestartet von J:\ Windows 7 Home Premium Service Pack 1 (X64) (2011-09-11 10:29:47) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2716085258-967733617-559326010-500 - Administrator - Disabled) Ben (S-1-5-21-2716085258-967733617-559326010-1000 - Administrator - Enabled) => C:\Users\Ben Gast (S-1-5-21-2716085258-967733617-559326010-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2716085258-967733617-559326010-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E} AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.1.0.0 - Adobe Systems Incorporated) Adobe Premiere Elements 12 (HKLM\...\PremElem120) (Version: 12.1.0.0 - Adobe Systems Incorporated) Adobe Premiere Elements 12 (Version: 12.0 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Akamai) (Version: - Akamai Technologies, Inc) AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ARMA III (HKLM-x32\...\ARMA III_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Assassins Creed Syndicate (HKLM-x32\...\Assassins Creed Syndicate_is1) (Version: - ) ASUS Xonar D1 Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 3.2.0.18 - AVG Technologies) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.) Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.1.7 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.) Common (x32 Version: 14.0.1.13 - Corel Corporation) Hidden Contents (x32 Version: 14.0.1.13 - Corel Corporation) Hidden Corel VideoStudio Essentials X4 (HKLM-x32\...\_{AA902C31-B49D-4608-BCCF-2519EB77722D}) (Version: 14.0.1.13 - Corel Corporation) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd) Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal) DeviceIO (x32 Version: 14.0.1.13 - Corel Corporation) Hidden DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.5 - DivX, LLC) Downloader (HKLM-x32\...\Downloader) (Version: - ) Driver Detective (HKLM-x32\...\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}) (Version: 8.0.1 - PC Drivers HeadQuarters) Dropbox (HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.) EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs) Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH) EndNote X6 (HKLM-x32\...\{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}) (Version: 16.0.1.6599 - Thomson Reuters) Finale PrintMusic 2011 (HKLM-x32\...\Finale PrintMusic 2011) (Version: 2011.a.r1.4 - MakeMusic) Firebird v2.0 (HKLM-x32\...\Tone2 Firebird_is1) (Version: - Tone2) FLV Player Packages (HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\FLV Player Packages) (Version: - ) <==== ACHTUNG Focusrite USB Audio Driver 1.10 (HKLM\...\Focusrite USB Audio Driver_is1) (Version: 1.10 - Focusrite Audio Engineering Ltd.) Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft) Free YouTube to MP3 Converter version 3.11.34.1015 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.34.1015 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Chrome (HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden HP LaserJet 200 color M251 (HKLM-x32\...\{6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD}) (Version: 5.0.12200.1036 - Hewlett-Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden hpbM251DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden HPDXP (x32 Version: 3.0.26.12 - HP) Hidden HPLaserJet200color-M251_HelpLearnCenter_SI (HKLM-x32\...\{DDEBEA89-2B5A-4E5B-8702-369882BB3F52}) (Version: 1.01.0000 - Hewlett-Packard) HPLJDXPHelper (x32 Version: 020.021.004 - HP) Hidden HPLJUTCore (x32 Version: 004.005.0001 - HP) Hidden HPLJUTM251 (x32 Version: 3.00.0003 - HP) Hidden hppLaserJetService (x32 Version: 009.027.00856 - Hewlett-Packard) Hidden hppM251LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden hpStatusAlerts (x32 Version: 050.037.00142 - Hewlett Packard) Hidden hpStatusAlertsM251 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden HydraVision (x32 Version: 4.2.188.0 - ATI Technologies Inc.) Hidden ICA (x32 Version: 14.0.1.13 - Corel Corporation) Hidden Intel(R) Desktop Utilities (HKLM-x32\...\{F01CBA59-B5BD-4608-A834-1CBE8C292A71}) (Version: 1.0.0 - Intel Corporation) Intel(R) Integrator Assistant (HKLM-x32\...\{D1A35687-AEA9-422C-B237-FC4F8136B6F6}) (Version: 1.0.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation) IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden ISCOM (x32 Version: 14.0.1.13 - Corel Corporation) Hidden iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.) Janitos Offline-Tarifrechner 3.4.2.4 (HKLM-x32\...\Janitos Offline-Tarifrechner 3_is1) (Version: - Fairware24) LJDXPHelperUI (x32 Version: 020.021.004 - HP) Hidden Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.162.0 - Microsoft Corporation) Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) MyFreeCodec (HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MyFreeCodec) (Version: - ) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Panda Devices Agent (x32 Version: 1.03.05 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security) Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden PCmover OEM Express (HKLM-x32\...\{1EE14CC2-ED85-4EEA-8714-A31C86AF3769}) (Version: 5.00.617 - Laplink Software, Inc.) ph (x32 Version: 1.0.0 - Your Company Name) Hidden PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.02.00076 - Sony Computer Entertainment Inc.) PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.1.8.07881 - Sony Computer Entertainment Inc.) PRE12 STI 64Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) PureHD (x32 Version: 14.0.1.13 - Corel Corporation) Hidden QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6215 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - ) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.) Setup (x32 Version: 14.0.1.13 - Corel Corporation) Hidden Share (x32 Version: 14.0.1.13 - Corel Corporation) Hidden Share64 (Version: 14.0.1.13 - Corel Corporation) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steinberg Cubase 7 64bit (HKLM\...\{57FB2180-0FC7-41FC-8D76-3C4271CF4422}) (Version: 7.0.0 - Steinberg Media Technologies GmbH) Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH) Steinberg Eucon Adapter 6.5 64bit (HKLM\...\{95D90857-61C2-4927-85FF-A317E46E7351}) (Version: 6.5.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.1 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.6.1 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH) Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH) Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH) Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH) TuxGuitar 1.2 (HKLM-x32\...\TuxGuitar_0) (Version: - ) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VIO (x32 Version: 14.0.1.13 - Corel Corporation) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VSClassic (x32 Version: 14.0.1.13 - Corel Corporation) Hidden VSPro (x32 Version: 14.0.1.13 - Corel Corporation) Hidden Watch Dogs (HKLM-x32\...\Watch Dogs_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net) ZD Soft Screen Recorder (HKLM-x32\...\{7E7E19A6-7AF5-4515-B77E-FD6B403F0483}) (Version: 7.0.0 - ZD Soft) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2716085258-967733617-559326010-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {09945CC6-14F9-4CA5-A982-74974031B4D5} - \{3F20B41C-1E30-4B61-96D8-A81CBFA48636} -> Keine Datei <==== ACHTUNG Task: {1C82B0DB-3961-4AF7-A4FE-B7391449453D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.) Task: {2C036759-B52E-4207-89A9-9921F6203440} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {46E8032E-607E-487B-8F7D-3D7F2FDB6AE4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated) Task: {88D6FB7B-8C13-4E94-96CF-B2D37D8D26C7} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2012-06-14] (Hewlett Packard) Task: {898BB81A-D794-4352-9C0B-B5B400520AFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.) Task: {9B5B2F9F-8C83-4928-B455-17D87974963C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA => C:\Users\Ben\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-10-23] (Dropbox, Inc.) Task: {A387D775-D805-41D5-81E3-598BB8FFAFDD} - \Microsoft_Hardware_Launch_IPoint_exe -> Keine Datei <==== ACHTUNG Task: {A4D533D9-231D-47DC-9946-A9B73B59BCAC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA => C:\Users\Ben\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.) Task: {C04EAF6B-3EE9-44F7-A82B-1110CDE934EE} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2716085258-967733617-559326010-1000 Task: {CE1E9277-2406-48C0-88EC-21DAC42B8B20} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {D3979D7E-EF69-4F15-99B5-DFD19316906C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core => C:\Users\Ben\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-10-23] (Dropbox, Inc.) Task: {D7B00D6C-5894-4E94-BAF3-C72D2DFA8D38} - \{F02AB7AB-17B4-4F77-95E7-DDD2CCC844B0} -> Keine Datei <==== ACHTUNG Task: {E3286241-617F-455C-8F8E-5B550B1B10FE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core => C:\Users\Ben\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.) Task: {E93801B5-3F0C-4A3E-BD9F-76B3D773B21B} - \{03D55E50-01C8-4EE2-84D8-78358F27AC84} -> Keine Datei <==== ACHTUNG Task: {EE355AC1-8A43-4465-B276-F5DF87D1B7BD} - \Microsoft_Hardware_Launch_IType_exe -> Keine Datei <==== ACHTUNG Task: {F01DA22C-8AF5-450C-8803-61079C72D471} - System32\Tasks\TinyTakeUpgrade => C:\Users\Ben\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe Task: {FFA88F84-5C15-4150-92FD-768C7D59FA63} - System32\Tasks\AdobeAAMUpdater-1.0-Ben-PC-Ben => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core.job => C:\Users\Ben\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA.job => C:\Users\Ben\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core.job => C:\Users\Ben\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA.job => C:\Users\Ben\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2011-09-11 20:17 - 2015-11-23 16:39 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-08-30 08:37 - 2014-08-30 08:36 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe 2011-09-11 12:23 - 2008-05-05 09:59 - 00200704 ____R () C:\Windows\SysWOW64\HsMgr.exe 2011-09-11 12:23 - 2008-05-05 10:00 - 00281088 ____R () C:\Windows\system\HsMgr64.exe 2011-09-11 12:23 - 2008-01-09 07:18 - 00090112 ____R () C:\Program Files\ASUS Xonar D1 Audio\Customapp\MXMon.exe 2011-12-27 23:21 - 2012-05-04 06:37 - 00021392 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe 2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2014-08-30 08:36 - 2014-10-06 14:09 - 02662424 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 2015-05-15 15:26 - 2015-05-15 15:26 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll 2011-11-24 20:19 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll 2014-08-30 08:37 - 2014-08-30 08:36 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll 2012-05-06 23:53 - 2012-05-06 23:53 - 00115137 _____ () C:\Users\Ben\AppData\Local\Temp\c25e8b3d-33a7-42bf-85e6-6880c6753136\CliSecureRT.dll 2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2016-02-11 12:03 - 2016-02-11 12:03 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\517f6ac3a3d9fbdb4380859f99108c77\IsdiInterop.ni.dll 2011-09-11 11:44 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-05-15 15:27 - 2015-05-15 15:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-05-15 15:27 - 2015-05-15 15:27 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2716085258-967733617-559326010-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{B001F264-53B8-4CC1-92E2-EAB94C81BC2B}] => (Allow) C:\Program Files (x86)\Laplink\PCmover\pcmover.exe FirewallRules: [{3AC592F5-E42D-4CA8-948F-9CD2F0770FF3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B6399F0B-A58F-47AA-B11C-86BBD853D033}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8CC14338-559E-4871-A7E5-DC6265FFFC78}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe FirewallRules: [{4A4E0D6F-B682-44CF-B414-2F0F7F020FE0}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe FirewallRules: [{0E68AD1F-9346-4D2F-9D0B-48032C09B081}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E05353BA-379B-48EC-B2E6-37AF316E8CEA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C94A3B05-2753-40DE-A021-F639F0F0AF17}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F6648CF7-A25D-45B2-90CC-0777504E1276}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{BC18E81B-803B-448D-8B5C-E2DA34153645}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{063C98AE-D3C7-4692-941B-143D86DF16D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6A93DF79-CD4A-4811-9C71-402132F48657}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{4120E1EE-D246-4052-BCA2-58F0A4BCB93B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{7D19249E-E3E9-41F2-977C-B4022294ABD9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{9C21D239-256A-45C0-B85F-16DE71F6DF94}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{7C55B39D-D6A5-44C5-AF51-717C1BE82848}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{8957D3B7-A5F0-45F0-BC2B-4FE5A82D5BE5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{FF5A1DA7-347C-47DF-A876-22BE4F601571}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{FDFE1B80-6B80-4C0A-8FDE-52D674D318E5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{1EE8278C-2B5B-45C8-8D5F-11E6B773F684}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: [{84B8EF55-E03C-4575-8C59-D4B881489A99}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: [{5E58DA39-75B9-4425-BD2B-2150D991D7C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\deus ex - human revolution\dxhr.exe FirewallRules: [{89B39A0B-0501-4193-AB33-C7F6ABA2B335}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\deus ex - human revolution\dxhr.exe FirewallRules: [{3C37A919-C1CD-46A8-8948-B20D974D5C28}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{78AB0BBC-E2DF-4E69-9AC7-3DA6A3AB404F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EDEF6460-B99B-45C7-B6F5-B2372C7AF19D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{468F5C72-5BCA-4946-8927-72DE7C5F0FCD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A31357EE-6699-4F24-91A1-1B33DAE0BFEE}] => (Allow) C:\Users\Ben\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{94291758-9BAE-40C7-A669-DADBB1F55CB6}] => (Allow) C:\Users\Ben\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{A18FCE9E-E616-4114-8520-8E5AF53B17CB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{5F7B3BE7-AC50-4F42-884B-3A203AD12C21}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{B8EA9469-B539-486A-9817-36F00421C2A6}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{0C80E109-2B06-4A65-AC1A-599580BF21FB}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{D26EA360-44EC-45CE-B3C4-AB653D7B98BC}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{9DE74AFA-AC42-4C04-9AA6-F4554E92E107}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{C1692DC4-5877-4C82-8DAB-70F81D3C19D7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe FirewallRules: [{C8BF69B2-9673-4C74-B347-04C61C004745}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex - Human Revolution\dxhr.exe FirewallRules: [{4C3D7B3E-027F-4E3B-9FDF-4FE6DE3C058A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe FirewallRules: [{CEA2E496-1936-4A7B-8C34-4CC856E84B14}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe FirewallRules: [{83C626FF-9C9F-4606-A41C-B07F6B4BC786}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe FirewallRules: [{C084B564-C488-4278-B740-C8805D8B2C0D}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe FirewallRules: [{9E6C57D7-DD29-4601-B45F-7D64005196BA}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe FirewallRules: [{AB845AC3-6B98-475A-AD79-E0DD0874CFA3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe FirewallRules: [{6C30F4F1-06A7-4A15-A378-33DCA86F4974}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{6F9C2503-7627-435E-82CF-ADAB23C8FC00}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{49273B1D-14E4-439F-8146-A7AD40EB9F00}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet 200 color M251\Bin\HPNetworkCommunicator.exe FirewallRules: [{EA1770B3-BCE8-4C8A-95A6-B299749DEF0D}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet 200 color M251\bin\EWSProxy.exe FirewallRules: [TCP Query User{6EECD99F-CC45-470A-B32C-64DD6463DDE3}C:\users\ben\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ben\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{099C2A34-1EA3-437A-9DC6-94FA7EB6D08F}C:\users\ben\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\ben\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{F664A6D9-1128-418A-86B3-97221E732BA8}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe FirewallRules: [UDP Query User{DE219FDB-ED33-4F44-ADC8-6FBDB2DA00D4}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe FirewallRules: [TCP Query User{A81B7D91-EF70-4062-A86C-B189944F5DFA}C:\users\ben\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ben\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{978D1BAC-F450-4FDF-832A-C9C278EAC5FC}C:\users\ben\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ben\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{07ED71E4-F57F-4E23-A848-209989B60F4B}C:\users\ben\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ben\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{82414128-FB7A-4495-A4D1-FFA3F0E83EAE}C:\users\ben\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ben\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{E73E73B7-3400-41C2-A93C-7DDC5441BACE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{9C26AEEE-DD8F-4AD9-8898-0DAAA261C442}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [UDP Query User{7F4BD49C-F666-4BC2-92B6-2707AD64F5FD}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [{D57BDF91-5010-4314-BDAD-1E4446D032D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe FirewallRules: [{A37BF1B4-C738-42F6-AABF-BF0997206DF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe FirewallRules: [TCP Query User{60D330D3-8DE2-49B3-8C66-246748E7F6DF}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe FirewallRules: [UDP Query User{37E40B75-77C0-4C2B-B596-F1F7EA8FEEDE}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe FirewallRules: [TCP Query User{0D5D4E65-BB19-4A86-B3D0-7375A29D52F1}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{4C7A19D3-8344-4A77-BA6D-B7198EA8A503}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{9A2D46F5-3FEA-4733-B801-61130E796047}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{72E0E9A4-C0AA-4A13-93F3-4BAFB1305543}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{922A87A6-1E79-4072-82A9-C0CDA5F73CCE}C:\games\world_of_tanksna\wotlauncher.exe] => (Allow) C:\games\world_of_tanksna\wotlauncher.exe FirewallRules: [UDP Query User{C1AB514C-81A1-44B9-864D-1C6DE5C38641}C:\games\world_of_tanksna\wotlauncher.exe] => (Allow) C:\games\world_of_tanksna\wotlauncher.exe FirewallRules: [TCP Query User{B97F98B6-77FC-4D06-93E8-2ACFC71C4838}C:\games\world_of_tanksna\worldoftanks.exe] => (Allow) C:\games\world_of_tanksna\worldoftanks.exe FirewallRules: [UDP Query User{3742B1BA-2741-4342-AE56-0F628566C8EE}C:\games\world_of_tanksna\worldoftanks.exe] => (Allow) C:\games\world_of_tanksna\worldoftanks.exe FirewallRules: [TCP Query User{729DCE8D-CEA9-46DF-A841-9491FEC1B5EB}C:\tomclancy\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Block) C:\tomclancy\splinter cell blacklist\src\system\blacklist_dx11_game.exe FirewallRules: [UDP Query User{FDE0529E-404F-4922-8D1A-1FCC187755C7}C:\tomclancy\splinter cell blacklist\src\system\blacklist_dx11_game.exe] => (Block) C:\tomclancy\splinter cell blacklist\src\system\blacklist_dx11_game.exe FirewallRules: [{48A798D5-2015-4F63-A77A-020A3EF18D08}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [{1968D02C-2D40-49A1-AC40-9FACA850574D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [TCP Query User{13C7E817-79AE-4A9C-8F67-2E50993B23E4}C:\program files (x86)\company of heroes 2\reliccoh2.exe] => (Block) C:\program files (x86)\company of heroes 2\reliccoh2.exe FirewallRules: [UDP Query User{5BEEE129-CF2D-44CF-B754-46D76EB79D26}C:\program files (x86)\company of heroes 2\reliccoh2.exe] => (Block) C:\program files (x86)\company of heroes 2\reliccoh2.exe FirewallRules: [{E3CD2449-9D66-4794-8A7A-46B6C18F8649}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2E87D901-8F53-447B-93C2-8D73659DE0EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C3552C75-6460-4B98-903C-401D26083413}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{EDE98D14-BF73-4C98-B0AA-B1C10B04424B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{BCFF3135-115C-4C51-87A1-6DD6726A932E}] => (Block) %SystemDrive%\Games\TwoWorlds\Two Worlds II\TwoWorlds2.exe FirewallRules: [TCP Query User{C7E071A2-2560-4B6D-B8BF-9608E9649A5F}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{2483FF2B-E2BF-46FD-963D-810D9CEDB50A}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [{B9E208F8-A95A-4B75-80CE-E51DB15625CF}] => (Allow) LPort=51001 FirewallRules: [{A927EFE0-B86E-4677-B8D1-9EF8F0B435E2}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{B95F83ED-1332-4C3E-BC51-8CD9880CD8CC}C:\games\dying light\dyinglightgame.exe] => (Block) C:\games\dying light\dyinglightgame.exe FirewallRules: [UDP Query User{7E8BAA0A-74D2-4112-9B70-D66A4561687A}C:\games\dying light\dyinglightgame.exe] => (Block) C:\games\dying light\dyinglightgame.exe FirewallRules: [TCP Query User{DDD41ABC-2B66-4B97-B740-5D02DDC57382}C:\program files (x86)\utorrent\utorrent.exe] => (Block) C:\program files (x86)\utorrent\utorrent.exe FirewallRules: [UDP Query User{005938F6-9BF9-4534-8CB8-8B0491C27ABC}C:\program files (x86)\utorrent\utorrent.exe] => (Block) C:\program files (x86)\utorrent\utorrent.exe FirewallRules: [{0ECD14A6-46E9-4C85-8A8D-03EE18ED223C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0D21220D-0FD2-43A6-8016-D3B05614DF64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BB3AAC0F-4D60-4B5D-A969-8D0AA4561517}] => (Allow) C:\Users\Ben\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B238E9AE-A2ED-4371-8932-C0D46012AE6E}] => (Allow) C:\Users\Ben\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{39FE33DC-38F0-4335-A2AC-8B495BD94750}] => (Allow) C:\Users\Ben\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CF278C60-83D4-423B-A8C5-DF7C614A2DC7}] => (Allow) C:\Users\Ben\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E62538F6-7993-442E-8AC0-9B4BDDE226EB}] => (Allow) C:\Users\Ben\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BAD76361-7173-42C0-898E-DD40E941ECD2}] => (Allow) C:\Users\Ben\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CDA26E5B-D556-4817-A131-BB3337C67CAD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B4EF2793-09A7-40A2-AFD5-AE1BD9687D01}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F0059CCE-06B7-4406-88A8-E3FF1F5B12B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{6D5236DB-645F-46FF-B5AD-2D3366B5787D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{94CB29A0-5EEC-4C2C-92F6-122C2344104F}] => (Allow) C:\Games\Steam.exe FirewallRules: [{27A409B6-CA39-4C5B-9ACC-14FC7901379C}] => (Allow) C:\Games\Steam.exe FirewallRules: [{2AC92806-D1F7-452A-8CD4-96F332775B38}] => (Allow) C:\Games\bin\steamwebhelper.exe FirewallRules: [{B6CD5E5F-F103-4071-A2A1-0968C48D1C56}] => (Allow) C:\Games\bin\steamwebhelper.exe FirewallRules: [{42D0FE72-9ACD-43DE-BFEC-F553AD9FFC6B}] => (Allow) C:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{BAE25F75-63D1-41DC-BC2B-1D03C5CD3348}] => (Allow) C:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C39C978C-F514-4A38-BAE5-6B7B9E99E392}] => (Allow) C:\Games\World_of_TanksEU\WoTLauncher.exe FirewallRules: [{47C61F1F-FB71-489B-9C19-03B9C21A52AB}] => (Allow) C:\Games\World_of_TanksEU\WoTLauncher.exe FirewallRules: [{DB91F6A4-B070-48CF-B104-CA61BC4C210C}] => (Allow) C:\Games\World_of_TanksEU\worldoftanks.exe FirewallRules: [{B5E77AE7-69CB-424A-A45F-75BEE67A5032}] => (Allow) C:\Games\World_of_TanksEU\worldoftanks.exe FirewallRules: [{E95056A4-AB25-4764-8D49-0A74C781356D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{3CB3122C-BA51-47BB-880A-A791D7148898}C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe] => (Allow) C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe FirewallRules: [UDP Query User{B6B3A346-6140-476D-83C4-FE85109F6469}C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe] => (Allow) C:\program files (x86)\fairware24\janitostarifrechner\zebedee.exe ==================== Wiederherstellungspunkte ========================= 16-02-2016 15:00:28 Windows Update 23-02-2016 18:16:27 Windows Update 27-02-2016 10:38:14 Snagit 12 27-02-2016 11:01:19 TinyTake by MangoApps ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/27/2016 11:01:19 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2716085258-967733617-559326010-1000.old)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. . Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {c149a292-9b29-43da-a12f-5b90cd9d1ed2} Error: (02/27/2016 10:38:14 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-2716085258-967733617-559326010-1000.old)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. . Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {152018da-a367-4c4c-8767-331dee517fb3} Error: (02/27/2016 10:32:36 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.19135, Zeitstempel: 0x56a1bbe2 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.19135, Zeitstempel: 0x56a1ca0d Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000009a7b9 ID des fehlerhaften Prozesses: 0xf70 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (02/27/2016 10:08:09 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 43212620 Error: (02/27/2016 10:08:09 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 43212620 Error: (02/27/2016 10:08:09 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/26/2016 10:08:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8752 Error: (02/26/2016 10:08:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8752 Error: (02/26/2016 10:08:05 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/26/2016 10:08:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7504 Systemfehler: ============= Error: (02/26/2016 08:43:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SVKP" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (02/26/2016 08:43:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (02/26/2016 08:43:13 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Treiber atksgt.sys konnte nicht geladen werden. Error: (02/19/2016 09:54:39 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {5C65F4B0-3651-4514-B207-D10CB699B14B} Error: (02/18/2016 05:07:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SVKP" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (02/18/2016 05:07:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (02/18/2016 05:07:08 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Treiber atksgt.sys konnte nicht geladen werden. Error: (02/18/2016 05:06:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Acrobat Update Service erreicht. Error: (02/12/2016 10:47:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SVKP" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (02/12/2016 10:47:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 25% Installierter physikalischer RAM: 8169.4 MB Verfügbarer physikalischer RAM: 6098.03 MB Summe virtueller Speicher: 16337 MB Verfügbarer virtueller Speicher: 13753.8 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:1862.92 GB) (Free:99.57 GB) NTFS Drive j: () (Removable) (Total:1.86 GB) (Free:0.92 GB) FAT ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2FC530F3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (Size: 1.9 GB) (Disk ID: 5EA0F2D3) Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06) ==================== Ende von Addition.txt ============================ |
28.02.2016, 12:24 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Bitte Panda deinstallieren. Das Teil können wir einfach nicht guten Gewissens empfehlen. Vgl. Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Auch andere Freewareanbieter wie Avira, Avast oder AVG springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc - etwas ist bei Sicherheitssoftware einfach inakzeptabel. Wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen. Gib Bescheid wenn Panda weg ist.
__________________ Logfiles bitte immer in CODE-Tags posten |
29.02.2016, 10:23 | #5 |
| GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! So, Panda ist deinstalliert...der PC ist momentan allerdings offline; ist das ein Problem? Lg |
29.02.2016, 10:30 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Was heißt "allerdings offline" - Begründung?
__________________ --> GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! |
29.02.2016, 15:00 | #7 |
| GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Bin umgezogen und hab momentan nur am Notebook Internet... |
29.02.2016, 15:08 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Dann versorg doch bitte den Problemrechner mit einem internetanschluss...das ist alles zu umständlich ohne.
__________________ Logfiles bitte immer in CODE-Tags posten |
29.02.2016, 16:51 | #9 |
| GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Ok; hab Internet... |
29.02.2016, 21:29 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
02.03.2016, 17:14 | #11 |
| GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Hi Cosinus, Hier die Logfiles von Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.03.01.06 rootkit: v2016.02.27.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.18204 Ben :: BEN-PC [administrator] 01.03.2016 22:38:47 mbar-log-2016-03-01 (22-38-47).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 417049 Time elapsed: 21 minute(s), 37 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 3 HKLM\SOFTWARE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F} (Adware.1ClickDownload) -> Delete on reboot. [2a70463c0b8efa3c7b5f18a58a78d927] HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F} (Adware.1ClickDownload) -> Delete on reboot. [2a70463c0b8efa3c7b5f18a58a78d927] HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F} (Adware.1ClickDownload) -> Delete on reboot. [2a70463c0b8efa3c7b5f18a58a78d927] Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 2 C:\Windows\SysWOW64\SVKP.sys (Trojan.Agent) -> Delete on reboot. [a7f3c3bf9dfcce68b0016c2db84b2dd3] C:\Users\Ben\AppData\Local\Temp\rundll32.exe (Trojan.Agent.RDL) -> Delete on reboot. [b3e7acd60a8fa4928893bc1eb74cad53] Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.03.02.04 rootkit: v2016.02.27.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.18204 Ben :: BEN-PC [administrator] 02.03.2016 16:39:11 mbar-log-2016-03-02 (16-39-11).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 417444 Time elapsed: 22 minute(s), 16 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
02.03.2016, 18:24 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
03.03.2016, 18:00 | #13 |
| GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Hi Cosinus, Habe leider folgenden Error bekommen, als ich die gefundenen Dateien im AdwCleaner löschen wollte: Line 8198 (File "C:...AdwCleaner-5.037.exe") Error: Error parsing function call. |
03.03.2016, 20:03 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! da sist ein bug. Einfach weitermachen.
__________________ Logfiles bitte immer in CODE-Tags posten |
05.03.2016, 16:29 | #15 |
| GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! Ok...AdwCleaner Logfiles Code:
ATTFilter # AdwCleaner v5.037 - Bericht erstellt am 03/03/2016 um 17:53:11 # Aktualisiert am 28/02/2016 von Xplode # Datenbank : 2016-02-28.2 [Lokal] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64) # Benutzername : Ben - BEN-PC # Gestartet von : C:\Users\Ben\Downloads\AdwCleaner_5.037.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** [-] Dienst Gelöscht : vToolbarUpdater3.2.0 ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files (x86)\Conduit [-] Ordner Gelöscht : C:\Program Files (x86)\FlvPlayer [-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec [-] Ordner Gelöscht : C:\Program Files (x86)\SupTab [-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search [-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB [-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB [-] Ordner Gelöscht : C:\ProgramData\AVG Secure Search [-] Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar [-] Ordner Gelöscht : C:\ProgramData\IePluginServices [-] Ordner Gelöscht : C:\ProgramData\Premium [-] Ordner Gelöscht : C:\ProgramData\Tarma Installer [-] Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect [-] Ordner Gelöscht : C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec [-] Ordner Gelöscht : C:\Users\Ben\music\qtrax media library [-] Ordner Gelöscht : C:\Users\Ben\AppData\Local\CheckCode [-] Ordner Gelöscht : C:\Users\Ben\AppData\Local\Conduit [-] Ordner Gelöscht : C:\Users\Ben\AppData\Local\OpenCandy [-] Ordner Gelöscht : C:\Users\Ben\AppData\Local\28050 [-] Ordner Gelöscht : C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc [-] Ordner Gelöscht : C:\Users\Ben\AppData\Local\Temp\OCS [-] Ordner Gelöscht : C:\Users\Ben\AppData\LocalLow\Conduit [-] Ordner Gelöscht : C:\Users\Ben\AppData\Roaming\dvdvideosoftiehelpers [-] Ordner Gelöscht : C:\Users\Ben\AppData\Roaming\FLV Player Packages [-] Ordner Gelöscht : C:\Users\Ben\AppData\Roaming\InetStat [-] Ordner Gelöscht : C:\Users\Ben\AppData\Roaming\OpenCandy [-] Ordner Gelöscht : C:\Users\Ben\AppData\Roaming\Systweak ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml [-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml [-] Datei Gelöscht : C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_leocdeigfnkaojcapikdjcdbedcjmffc_0.localstorage [-] Datei Gelöscht : C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_leocdeigfnkaojcapikdjcdbedcjmffc_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Ben\AppData\Local\Temp\Utils.dll [-] Datei Gelöscht : C:\Windows\SysNative\roboot64.exe ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [-] Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2851647 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3279141 [-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc [-] Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91EE0830-B539-45AB-83F2-741FED0B0E2F} [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91EE0830-B539-45AB-83F2-741FED0B0E2F} [-] Schlüssel Gelöscht : HKCU\Software\1ClickDownload [-] Schlüssel Gelöscht : HKCU\Software\Conduit [-] Schlüssel Gelöscht : HKCU\Software\InetStat [-] Schlüssel Gelöscht : HKCU\Software\InstallCore [!] Schlüssel Nicht Gelöscht : HKCU\Software\Mozilla\Extends [-] Schlüssel Gelöscht : HKCU\Software\Myfree Codec [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKCU\Software\Softonic [-] Schlüssel Gelöscht : HKCU\Software\SupHpUISoft [-] Schlüssel Gelöscht : HKCU\Software\WIN [-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit [-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec [-] Schlüssel Gelöscht : HKLM\SOFTWARE\mystartsearchSoftware [-] Schlüssel Gelöscht : HKLM\SOFTWARE\RST [-] Schlüssel Gelöscht : HKLM\SOFTWARE\SI-App [-] Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp [-] Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab [-] Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect [-] Schlüssel Gelöscht : HKLM\SOFTWARE\supWPM [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Upt [-] Schlüssel Gelöscht : HKLM\SOFTWARE\WinUpd [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player Packages [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4640FDE1-B83A-4376-84ED-86F86BEE2D41} [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\RST [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\SI-App [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Tarma Installer [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Upt [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\WinUpd [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\1EDF0464A38B673448DE688FB6EED214 [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\1EDF0464A38B673448DE688FB6EED214 [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EDF0464A38B673448DE688FB6EED214 [!] Schlüssel Nicht Gelöscht : HKLM64\SOFTWARE\Classes\Installer\Products\1EDF0464A38B673448DE688FB6EED214 [-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] [-] Daten Wiederhergestellt : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] [-] Daten Wiederhergestellt : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Daten Wiederhergestellt : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Daten Wiederhergestellt : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} [-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} [-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [-] Daten Wiederhergestellt : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mystartsearch.com [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.mystartsearch.com [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] ***** [ Internetbrowser ] ***** [-] [C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : search.conduit.com [-] [C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mystartsearch ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.3 (02.09.2016) Operating System: Windows 7 Home Premium x64 Ran by Ben (Administrator) on 05.03.2016 at 16:10:46,38 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 40 Successfully deleted: C:\ProgramData\pc drivers headquarters (Folder) Successfully deleted: C:\Users\Ben\AppData\Local\cre (Folder) Successfully deleted: C:\Users\Ben\Appdata\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com (File) Successfully deleted: C:\Users\Ben\AppData\Roaming\compuclever (Folder) Successfully deleted: C:\Users\Ben\AppData\Roaming\getrighttogo (Folder) Successfully deleted: C:\Program Files (x86)\pc drivers headquarters (Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LRXTJ1S (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2FLNQ2P3 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2IO3XE70 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VEM2SCT (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9AQUK8OU (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2D0U3PV (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CZ3CY1TD (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FOFJQJIA (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBHTRPFQ (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MYHJ16KC (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QPV09I21 (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TDI1DZJH (Temporary Internet Files Folder) Successfully deleted: C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V4CYE7BF (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1LRXTJ1S (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2FLNQ2P3 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2IO3XE70 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VEM2SCT (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9AQUK8OU (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A2D0U3PV (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CZ3CY1TD (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FOFJQJIA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KBHTRPFQ (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MYHJ16KC (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QPV09I21 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TDI1DZJH (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V4CYE7BF (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 05.03.2016 at 16:13:14,81 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Ben (Administrator) auf BEN-PC (05-03-2016 16:16:11) Gestartet von C:\Users\Ben\Downloads Geladene Profile: Ben (Verfügbare Profile: Ben) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor) HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.cpl,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-05-05] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [281088 2008-05-05] () HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3521424 2012-05-04] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [Google Update] => C:\Users\Ben\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [KiesHelper] => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [955792 2012-05-04] (Samsung) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2012-05-04] () HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-03-08] (AMD) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Ben\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [GalaxyClient] => C:\Games\GalaxyClient\GalaxyClient.exe /launchViaAutoStart HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\Run: [Dropbox Update] => C:\Users\Ben\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-23] (Dropbox, Inc.) HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MountPoints2: {cecf4499-ad7e-11e1-bf40-002215ab262a} - J:\Startme.exe HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MountPoints2: {d37daeaf-dc5f-11e0-bd44-806e6f6e6963} - D:\AutoRun.exe HKU\S-1-5-21-2716085258-967733617-559326010-1000\...\MountPoints2: {f72e12aa-59f8-11e3-b7eb-002215ab262a} - J:\Autorun.exe ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ben\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-07-02] ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013-05-09] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{19097D70-4233-4CED-95C2-E1281CC86E61}: [NameServer] 213.94.78.16 213.94.78.17 Tcpip\..\Interfaces\{A4B2921D-9C78-4B37-A8DF-38FBFE7438DC}: [NameServer] 213.94.78.16 213.94.78.17 Tcpip\..\Interfaces\{B1746085-C6EF-47B6-85F2-DE84A3ED9E92}: [DhcpNameServer] 192.168.0.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com URLSearchHook: HKU\S-1-5-21-2716085258-967733617-559326010-1000 - (Kein Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - Keine Datei BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [Keine Datei] FF Plugin-x32: @gametap.com/npdd,version=1.0 -> C:\Program Files (x86)\Downloader\npdd.dll [2010-02-19] (Metaboli) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-04-04] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Ben\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @talk.google.com/O1DPlugin -> C:\Users\Ben\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Ben\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ben\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-06] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2716085258-967733617-559326010-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-12-04] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-02-12] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Ben\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Ben\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Extension: Image Search Options - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606\extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2016-03-04] FF Extension: British English Dictionary - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606\Extensions\en-GB@dictionaries.addons.mozilla.org [2015-12-20] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\hq510na4.default-1415547060606\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2016-02-12] [ist nicht signiert] FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-02-12] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-21] [ist nicht signiert] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nicht gefunden Chrome: ======= CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-24] CHR Extension: (Google Search) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-24] CHR Extension: (Kaspersky URL Advisor) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2012-10-12] CHR Extension: (Virtual Keyboard) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2012-10-12] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-10-12] CHR Extension: (WhiteSmoke B) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp [2013-08-24] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT3279141&extensionData=\u003Cextension_data\u003E] <==== ACHTUNG CHR Extension: (Gmail) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-24] CHR Extension: (Anti-Banner) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2012-10-12] CHR HKU\S-1-5-21-2716085258-967733617-559326010-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oelbclnhkbhlhikfmpmbakbgeonbjjnp] - C:\Users\Ben\AppData\Local\CRE\oelbclnhkbhlhikfmpmbakbgeonbjjnp.crx <nicht gefunden> CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] CHR HKLM-x32\...\Chrome\Extension: [oelbclnhkbhlhikfmpmbakbgeonbjjnp] - C:\Users\Ben\AppData\Local\CRE\oelbclnhkbhlhikfmpmbakbgeonbjjnp.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-01-29] (GOG.com) S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [Datei ist nicht signiert] S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [Datei ist nicht signiert] S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] () S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert] S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-11-23] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 GalaxyClientService; "C:\Games\GalaxyClient\GalaxyClientService.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2012-04-02] () R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-30] (AVG Technologies) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1358336 2008-06-23] (C-Media Inc) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-10-22] (DT Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 FFUsbAudio; C:\Windows\System32\DRIVERS\ffusbaudio.sys [53080 2011-10-31] (Focusrite Audio Engineering Ltd.) R3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.) R3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [376448 2013-11-01] (Huawei Technologies Co., Ltd.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2012-04-02] () R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [Datei ist nicht signiert] U4 secdrv; kein ImagePath S2 SVKP; system32\SVKP.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-05 16:16 - 2016-03-05 16:16 - 00021905 _____ C:\Users\Ben\Downloads\FRST.txt 2016-03-05 16:14 - 2016-03-05 16:15 - 02374144 _____ (Farbar) C:\Users\Ben\Downloads\FRST64.exe 2016-03-05 16:13 - 2016-03-05 16:13 - 00006579 _____ C:\Users\Ben\Desktop\JRT.txt 2016-03-05 16:09 - 2016-03-05 16:09 - 01609216 _____ (Malwarebytes) C:\Users\Ben\Downloads\JRT.exe 2016-03-03 19:57 - 2016-03-03 19:57 - 00806316 _____ C:\Users\Ben\Desktop\Medikamentenliste Chirurgie KSSG.pdf 2016-03-03 17:45 - 2016-03-03 17:55 - 00000000 ____D C:\AdwCleaner 2016-03-03 17:45 - 2016-03-03 17:45 - 01518592 _____ C:\Users\Ben\Downloads\AdwCleaner_5.037.exe 2016-03-01 22:38 - 2016-03-02 17:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-03-01 22:38 - 2016-03-02 16:39 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-01 22:23 - 2016-03-02 17:07 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-01 20:50 - 2016-03-01 20:51 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Ben\Downloads\mbar-1.09.3.1001.exe 2016-02-29 16:49 - 2016-02-29 16:49 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Sierra Wireless 2016-02-29 16:48 - 2016-02-29 16:49 - 00000000 ____D C:\ProgramData\mquadr.at 2016-02-29 16:48 - 2016-02-29 16:48 - 00000000 ____D C:\Users\Ben\AppData\Local\mquadr.at 2016-02-29 16:47 - 2016-02-29 16:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf 2016-02-29 16:46 - 2016-02-29 16:49 - 00000000 ____D C:\ProgramData\DatacardService 2016-02-29 16:46 - 2016-02-29 16:46 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3InternetManager.lnk 2016-02-29 16:46 - 2016-02-29 16:46 - 00001159 _____ C:\Users\Public\Desktop\3InternetManager.lnk 2016-02-29 16:46 - 2016-02-29 16:46 - 00000000 __HDC C:\ProgramData\{9D635F88-2634-48A4-AFDC-9197B8A319F4} 2016-02-29 16:46 - 2016-02-29 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3InternetManager 2016-02-29 16:46 - 2016-02-29 16:46 - 00000000 ____D C:\ProgramData\H3G 2016-02-29 16:46 - 2016-02-29 16:46 - 00000000 ____D C:\Program Files (x86)\3InternetManager 2016-02-29 16:46 - 2014-02-04 17:35 - 04161976 ____N (mquadr.at software engineering und consulting GmbH) C:\Windows\SysWOW64\M2ElevatedCalls.dll 2016-02-29 16:46 - 2013-11-01 10:25 - 00376448 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys 2016-02-29 16:46 - 2013-10-23 11:43 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys 2016-02-29 16:46 - 2013-09-02 15:50 - 00456192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2016-02-29 16:46 - 2013-06-29 17:17 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2016-02-29 16:46 - 2013-03-04 16:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2016-02-29 16:46 - 2013-03-04 16:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2016-02-29 16:46 - 2013-03-04 16:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2016-02-29 16:46 - 2013-03-04 16:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2016-02-29 16:46 - 2013-03-04 16:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2016-02-29 16:46 - 2013-01-25 09:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2016-02-29 16:46 - 2012-12-22 09:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2016-02-29 16:46 - 2012-12-03 14:57 - 00238592 ____N (Nicomsoft Ltd.) C:\Windows\SysWOW64\WiFiMan.dll 2016-02-29 16:46 - 2012-08-20 08:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2016-02-29 16:46 - 2012-08-20 08:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll 2016-02-29 16:46 - 2010-10-08 16:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2016-02-29 16:46 - 2010-09-26 18:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2016-02-27 12:21 - 2016-03-05 16:16 - 00000000 ____D C:\FRST 2016-02-27 10:37 - 2016-02-27 10:37 - 00000000 ____D C:\Users\Ben\Documents\Bands 2016-02-27 10:28 - 2016-02-27 10:28 - 00000000 ____D C:\Users\Ben\Documents\Versicherungen 2016-02-25 00:39 - 2016-02-25 00:50 - 00000000 ____D C:\Users\Ben\Downloads\IBM SPSS Statistics v23 x64 2016-02-23 23:13 - 2016-02-24 01:03 - 00000000 ____D C:\Users\Ben\Downloads\Top Gun (Deluxe Edition) 2005 [Music From & Inspired By The Motion Picture] 2014 MP3 2016-02-23 23:12 - 2016-02-24 01:12 - 00000000 ____D C:\Users\Ben\Downloads\Jerry Lee Lewis - The Definitive Collection (2005) [320] vtwin88cube 2016-02-22 13:45 - 2016-02-22 13:54 - 00000000 ____D C:\ProgramData\firebird 2016-02-22 13:44 - 2016-02-22 13:44 - 79336865 _____ (Fairware24 ) C:\Users\Ben\Downloads\tarifrechnersetupoesterreich.exe 2016-02-22 13:44 - 2016-02-22 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Janitos 2016-02-22 13:44 - 2016-02-22 13:44 - 00000000 ____D C:\ProgramData\JanitosTarifrechner 2016-02-22 13:44 - 2016-02-22 13:44 - 00000000 ____D C:\Program Files (x86)\Fairware24 2016-02-20 15:17 - 2016-02-20 15:17 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-02-18 20:26 - 2016-02-29 17:39 - 00013948 _____ C:\Users\Ben\Desktop\Finanzübersicht.xlsx 2016-02-12 11:31 - 2016-02-18 17:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-10 11:07 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-02-10 11:07 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-02-10 11:07 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-02-10 11:07 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-02-10 11:07 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-02-10 11:07 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-02-10 11:07 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-02-10 11:07 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-02-10 11:07 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-02-10 11:07 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-02-10 11:07 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-02-10 11:07 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-02-10 11:07 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-02-10 11:07 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-02-10 11:07 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-02-10 11:07 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-02-10 11:07 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-02-10 11:07 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-02-10 11:07 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-02-10 11:07 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-02-10 11:07 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-02-10 11:07 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-02-10 11:07 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-02-10 11:07 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-02-10 11:07 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-02-10 11:07 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-02-10 11:07 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-02-10 11:07 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-02-10 11:07 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-02-10 11:07 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-02-10 11:07 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-02-10 11:07 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-02-10 11:07 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-02-10 11:07 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-02-10 11:07 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-02-10 11:07 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-02-10 11:07 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-02-10 11:07 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-02-10 11:07 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-02-10 11:07 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-02-10 11:07 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-02-10 11:07 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-02-10 11:07 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-02-10 11:07 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-02-10 11:07 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-02-10 11:07 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-02-10 11:07 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-02-10 11:07 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-02-10 11:07 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-02-10 11:07 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-02-10 11:07 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-02-10 11:07 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-02-10 11:07 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-02-10 11:07 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-02-10 11:07 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-02-10 11:07 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-02-10 11:07 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-02-10 11:07 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-02-10 11:07 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-02-10 11:07 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-02-10 11:07 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-02-10 11:07 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-02-10 11:07 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-02-10 11:07 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-02-10 11:07 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-02-10 11:07 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-02-10 11:07 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-02-10 11:07 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-02-10 11:07 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-02-10 11:07 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2016-02-10 11:07 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2016-02-10 11:07 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2016-02-10 11:06 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-02-10 11:06 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-02-10 11:06 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-02-10 11:06 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-02-10 11:06 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-02-10 11:06 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-02-10 11:06 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-02-10 11:06 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-02-10 11:06 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2016-02-10 11:06 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2016-02-10 11:06 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-02-10 11:06 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-02-10 11:06 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-02-10 11:06 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-02-10 11:06 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-02-10 11:06 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-02-10 11:06 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-02-10 11:06 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-02-10 11:06 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-02-10 11:06 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-02-10 11:06 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-02-10 11:06 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-02-10 11:06 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-02-10 11:06 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-02-10 11:06 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-02-10 11:06 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-02-10 11:06 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2016-02-10 11:06 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-02-10 11:06 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-02-10 11:06 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-02-10 11:06 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-02-10 11:06 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-02-10 11:06 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-02-10 11:06 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-02-10 11:06 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-02-10 11:06 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-02-10 11:06 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-02-10 11:06 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-02-10 11:06 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-02-10 11:06 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-02-10 11:06 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-02-10 11:06 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-02-10 11:06 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2016-02-10 11:06 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2016-02-10 11:06 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2016-02-10 11:06 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2016-02-10 11:06 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2016-02-10 11:06 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-02-10 11:06 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-02-10 11:06 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2016-02-10 11:06 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-02-10 11:06 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2016-02-10 11:06 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-02-10 11:06 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2016-02-10 11:06 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-02-10 11:06 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2016-02-10 11:06 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2016-02-10 11:06 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2016-02-10 11:06 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-02-10 11:06 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-02-10 11:05 - 2016-01-22 07:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-02-10 11:05 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-02-10 11:05 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-02-10 11:05 - 2016-01-22 07:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-02-10 11:05 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-02-10 11:05 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-02-10 11:05 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 06:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-02-10 11:05 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-02-10 11:05 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-02-10 11:05 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-02-10 11:05 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-02-10 11:05 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-02-10 11:05 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-02-05 16:02 - 2016-02-05 16:02 - 00056831 _____ C:\Users\Ben\Documents\A-Trust Signaturvertrag 1287349.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-05 15:50 - 2012-09-17 10:30 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-03-05 15:44 - 2012-05-10 19:55 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-05 15:44 - 2011-11-11 14:32 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA.job 2016-03-05 15:41 - 2015-10-23 12:13 - 00001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000UA.job 2016-03-05 14:03 - 2011-10-01 17:12 - 00000000 ____D C:\Users\Ben\AppData\Roaming\vlc 2016-03-05 13:25 - 2015-10-23 12:13 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core.job 2016-03-05 12:43 - 2012-05-10 19:55 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-05 12:43 - 2011-11-11 14:32 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2716085258-967733617-559326010-1000Core.job 2016-03-05 09:20 - 2011-09-25 21:10 - 00000000 ____D C:\Users\Ben\AppData\Local\Adobe 2016-03-03 17:29 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-03-03 17:29 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-03-02 16:37 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat 2016-03-02 16:37 - 2011-04-12 08:43 - 00149572 _____ C:\Windows\system32\perfc007.dat 2016-03-02 16:37 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-02 16:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-03-02 06:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-01 23:13 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\addins 2016-03-01 03:00 - 2015-04-07 22:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-03-01 03:00 - 2015-04-07 22:21 - 00000000 ___SD C:\Windows\system32\GWX 2016-02-29 10:20 - 2011-09-11 12:03 - 00118320 _____ C:\Users\Ben\AppData\Local\GDIPFONTCACHEV1.DAT 2016-02-29 10:19 - 2009-07-14 05:45 - 00493072 _____ C:\Windows\system32\FNTCACHE.DAT 2016-02-29 10:16 - 2015-03-12 17:26 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Panda Security 2016-02-29 10:16 - 2015-03-12 17:26 - 00000000 ____D C:\Program Files (x86)\Panda Security 2016-02-29 10:16 - 2015-03-12 17:25 - 00000000 ____D C:\ProgramData\Panda Security 2016-02-27 18:01 - 2011-09-11 11:29 - 00000000 ____D C:\Users\Ben 2016-02-27 11:04 - 2011-10-21 13:02 - 00000000 ____D C:\Users\Ben\Documents\Jobs 2016-02-27 11:03 - 2014-07-16 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2016-02-27 11:03 - 2012-05-22 15:42 - 00000000 ____D C:\Games 2016-02-27 11:01 - 2014-10-30 22:05 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-27 10:39 - 2016-01-21 23:25 - 00000000 ____D C:\Users\Ben\AppData\Local\TechSmith 2016-02-27 10:39 - 2016-01-21 23:24 - 00000000 ____D C:\ProgramData\TechSmith 2016-02-27 10:37 - 2012-04-18 15:10 - 00000000 ____D C:\Users\Ben\Documents\Steinberg 2016-02-27 10:36 - 2013-05-15 19:37 - 00000000 ____D C:\Users\Ben\Documents\EndNote 2016-02-27 10:36 - 2012-10-21 20:04 - 00000000 ____D C:\Users\Ben\Documents\Finale-Dateien 2016-02-27 10:32 - 2016-01-22 10:01 - 00000000 ____D C:\Users\Ben\AppData\Local\CrashDumps 2016-02-25 00:53 - 2011-10-13 15:07 - 00000000 ____D C:\Users\Ben\AppData\Roaming\uTorrent 2016-02-21 18:11 - 2012-10-31 10:50 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Skype 2016-02-20 15:17 - 2011-10-30 12:12 - 00000000 ____D C:\Users\Ben\AppData\Roaming\Dropbox 2016-02-19 21:54 - 2012-10-12 22:29 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-19 21:54 - 2011-11-11 14:33 - 00002377 _____ C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-18 18:29 - 2011-09-11 13:45 - 00000000 ____D C:\Users\Ben\AppData\Local\Microsoft Help 2016-02-18 17:05 - 2012-04-25 13:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-12 22:45 - 2011-09-18 11:26 - 00000000 ____D C:\Users\Ben\AppData\Roaming\TS3Client 2016-02-11 19:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-02-10 20:50 - 2012-09-17 10:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-02-10 20:50 - 2012-09-17 10:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-02-10 20:50 - 2011-09-11 12:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-10 20:21 - 2015-10-12 21:31 - 00003568 _____ C:\Windows\System32\Tasks\TinyTakeUpgrade 2016-02-10 20:11 - 2014-12-10 23:00 - 00000000 ____D C:\Windows\system32\appraiser 2016-02-10 20:11 - 2014-05-06 22:48 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-02-10 20:11 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 16:14 - 2013-08-16 02:01 - 00000000 ____D C:\Windows\system32\MRT 2016-02-10 16:06 - 2011-09-12 18:52 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-02-09 23:05 - 2011-10-30 12:48 - 00000000 ___RD C:\Users\Ben\Dropbox ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-05-10 22:15 - 2015-10-12 21:26 - 0011264 _____ () C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2008-02-05 12:28 - 2008-02-05 12:28 - 0000051 _____ () C:\Users\Ben\AppData\Local\setup.txt 2011-10-26 19:37 - 2011-10-26 19:37 - 0017408 _____ () C:\Users\Ben\AppData\Local\WebpageIcons.db Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Ben\PhotoshopElements_12_LS25.exe C:\Users\Ben\PremiereElements_12_LS26_win64.exe Einige Dateien in TEMP: ==================== C:\Users\Ben\AppData\Local\Temp\12-10_vista_win7_win8_64_dd_ccc_whql_net4.exe C:\Users\Ben\AppData\Local\Temp\12-1_vista_win7_64_dd_ccc.exe C:\Users\Ben\AppData\Local\Temp\41nohh3x344.jpg.exe C:\Users\Ben\AppData\Local\Temp\7za.exe C:\Users\Ben\AppData\Local\Temp\aacdec.exe C:\Users\Ben\AppData\Local\Temp\ABP_InstallChecker.exe C:\Users\Ben\AppData\Local\Temp\ABP_TB0001.exe C:\Users\Ben\AppData\Local\Temp\Bass.dll C:\Users\Ben\AppData\Local\Temp\Bass.Net.dll C:\Users\Ben\AppData\Local\Temp\binkw32.dll C:\Users\Ben\AppData\Local\Temp\bundlesweetimsetup.exe C:\Users\Ben\AppData\Local\Temp\CH.dll C:\Users\Ben\AppData\Local\Temp\CNC4LauncherUpdate.exe C:\Users\Ben\AppData\Local\Temp\d2l_Install.exe C:\Users\Ben\AppData\Local\Temp\DownloadSetup_94Zvk.exe C:\Users\Ben\AppData\Local\Temp\drm_dialogs.dll C:\Users\Ben\AppData\Local\Temp\drm_dyndata_7270014.dll C:\Users\Ben\AppData\Local\Temp\drm_dyndata_7330014.dll C:\Users\Ben\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgeeud6.dll C:\Users\Ben\AppData\Local\Temp\DWPUpgradeInstaller.exe C:\Users\Ben\AppData\Local\Temp\EBU1768.exe C:\Users\Ben\AppData\Local\Temp\EBU1FC2.DLL C:\Users\Ben\AppData\Local\Temp\ESET-activation.exe C:\Users\Ben\AppData\Local\Temp\installerdll1074534.dll C:\Users\Ben\AppData\Local\Temp\installerdll1333761.dll C:\Users\Ben\AppData\Local\Temp\installerdll1656777.dll C:\Users\Ben\AppData\Local\Temp\installerdll708150.dll C:\Users\Ben\AppData\Local\Temp\installerdll718790.dll C:\Users\Ben\AppData\Local\Temp\installerdll9768720.dll C:\Users\Ben\AppData\Local\Temp\installerdll9778891.dll C:\Users\Ben\AppData\Local\Temp\iw5sp.exe C:\Users\Ben\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Ben\AppData\Local\Temp\Offer100.exe C:\Users\Ben\AppData\Local\Temp\ose00000.exe C:\Users\Ben\AppData\Local\Temp\pixsetup.exe C:\Users\Ben\AppData\Local\Temp\readSTILog.dll C:\Users\Ben\AppData\Local\Temp\Risweb32.exe C:\Users\Ben\AppData\Local\Temp\rootsupd.exe C:\Users\Ben\AppData\Local\Temp\SecurityScan_Release.exe C:\Users\Ben\AppData\Local\Temp\Setup.exe C:\Users\Ben\AppData\Local\Temp\sonarinst.exe C:\Users\Ben\AppData\Local\Temp\sqlite3.dll C:\Users\Ben\AppData\Local\Temp\tmp2C13.exe C:\Users\Ben\AppData\Local\Temp\tmp3217.exe C:\Users\Ben\AppData\Local\Temp\tmp7E05.exe C:\Users\Ben\AppData\Local\Temp\tmp8F24.exe C:\Users\Ben\AppData\Local\Temp\tmpB71E.exe C:\Users\Ben\AppData\Local\Temp\tmpDA57.exe C:\Users\Ben\AppData\Local\Temp\tmpDD24.exe C:\Users\Ben\AppData\Local\Temp\Tsu-0DA4.dll C:\Users\Ben\AppData\Local\Temp\Tsu4F6041C1.dll C:\Users\Ben\AppData\Local\Temp\ubiFA46.tmp.exe C:\Users\Ben\AppData\Local\Temp\unrar.dll C:\Users\Ben\AppData\Local\Temp\utt9DB2.tmp.exe C:\Users\Ben\AppData\Local\Temp\vcredist_x64.exe C:\Users\Ben\AppData\Local\Temp\vcredist_x86.exe C:\Users\Ben\AppData\Local\Temp\vlc-2.0.2-win32.exe C:\Users\Ben\AppData\Local\Temp\vlc-2.0.5-win32.exe C:\Users\Ben\AppData\Local\Temp\vlc-2.1.1-win32.exe C:\Users\Ben\AppData\Local\Temp\vlc-2.1.5-win32.exe C:\Users\Ben\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe C:\Users\Ben\AppData\Local\Temp\YontooSetup-S.exe C:\Users\Ben\AppData\Local\Temp\_is737E.exe C:\Users\Ben\AppData\Local\Temp\_isB6F0.exe C:\Users\Ben\AppData\Local\Temp\_isFE2C.exe C:\Users\Ben\AppData\Local\Temp\{A6F12165-3DEB-4252-AD1C-B55F3D795187}.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-28 11:10 ==================== Ende von FRST.txt ============================ |
Themen zu GMX-Account verschickt selbstständig Mails an Kontakte des Adressbuches sowie an Kontakte, die NICHT im Email-Adressbuch sind! |
administrator, adobe, asus, canon, computer, cubase, defender, desktop, dll, dnsapi.dll, explorer, firefox, flash player, home, homepage, mozilla, nvidia, prozesse, registry, rundll, scan, secure search, security, services.exe, software, svchost.exe, system, whatsapp, windows, windowsapps, winlogon.exe |