Pests of all kinds and how to fight them: Can't completely get rid of malware (Windows 7)
14.06.2016, 09:02 | #1 |
Can't completely get rid of malware

Hello, I've caught some malware. All browsers are infected. The start pages keep changing. So far I have run Avira PC Cleaner, Malwarebytes and AdwCleaner thoroughly. Kaspersky finds no threat. After a restart the malware is not completely gone. I reset or restored all browsers and ran CCleaner. I cleaned up the installed programs and the autostart entries. No success. In the browsers, different filthy sites keep starting automatically. The start pages are changed each time, or additional ones appear. In Firefox, for example, on every restart an additional page appears alongside the configured start page, e.g. hxxp://safebrowsing.biz/ or others, where a video plays. It varies. Please advise...

nadarosa

I can't find the log files of the programs mentioned above, where something was still found. They cannot be opened from within the programs.

FRST log file:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2016 durchgeführt von Anse (Administrator) auf ANSE-PC (14-06-2016 10:31:46) Gestartet von d:\Anse\Desktop Geladene Profile: Anse (Verfügbare Profile: Anse) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe () C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\extservice.exe (DEVGURU Co., LTD.) 
C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe () C:\Program Files\Syncovery\SyncoveryVSS.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\vds.exe () C:\Program Files\Syncovery\SyncoveryService.exe () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Sonix) C:\Windows\vsnp2uvc.exe (F.J. Wechselberger) C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe () C:\Program Files\Syncovery\SyncoveryService.exe (Dropbox, Inc.) C:\Users\Anse\AppData\Roaming\Dropbox\bin\Dropbox.exe (Brother Industries, Ltd.) 
C:\Program Files (x86)\Browny02\BrYNSvc.exe () C:\Windows\tsnp2uvc.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 10 apoEdition\app\StarMoney.exe (Scand Ltd.) C:\Program Files (x86)\Scand Ltd\Outlook4Gmail\OutlookGmailSync.x64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\vc10fwd.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_242.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [497064 2015-09-14] (Acronis) HKLM\...\Run: [snp2uvc] => C:\WINDOWS\vsnp2uvc.exe [662016 2009-06-22] (Sonix) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7492712 2015-09-14] () HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [691520 2015-09-08] (Acronis International GmbH) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2015-12-18] (Adobe Systems Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) 
HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [411976 2011-05-20] (H+H Software GmbH) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [tsnp2uvc] => C:\WINDOWS\tsnp2uvc.exe HKLM-x32\...\Run: [snp2uvc] => C:\WINDOWS\vsnp2uvc.exe HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKLM-x32\...\Run: [WireLessKeyboard] => C:\Program Files (x86)\Multimedia Keyboard Driver\StartAutorun.exe PS2USBKbdDrv.exe HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\Run: [BitTorrent] => C:\Users\Anse\AppData\Roaming\BitTorrent\BitTorrent.exe [1691736 2014-11-02] (BitTorrent Inc.) HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd) HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\Run: [MyPhoneExplorer] => "C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe" autorun HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\Run: [Syncovery Background Scheduler] => C:\Program Files\Syncovery\SyncoveryService.exe [27271344 2015-07-10] () HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\Run: [Dropbox Update] => C:\Users\Anse\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) 
HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\MountPoints2: {0c90948d-3795-11e5-bee4-001a4d532ffd} - "H:\SETUP.EXE" ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.lnk [2015-11-05] ShortcutTarget: Biet-O-Matic.lnk -> C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org) Startup: C:\Users\Anse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-04] ShortcutTarget: Dropbox.lnk -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Anse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar405.lnk [2016-06-13] ShortcutTarget: Sidebar405.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) GroupPolicyScripts\User: Beschränkung <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.188.1 Tcpip\..\Interfaces\{2ff069c0-3b64-4a62-b48d-3716f99bf651}: [DhcpNameServer] 192.168.188.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-01-13] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft 
Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-09] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-09] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-08] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Anse\AppData\Roaming\Mozilla\Firefox\Profiles\3drorp5v.default-1465828665202 FF Homepage: hxxps://www.google.de/?gws_rd=ssl FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-31] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-09] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-09] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: 
@microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\Anse\AppData\Roaming\Mozilla\Firefox\Profiles\3drorp5v.default-1465828665202\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-06-13] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-01-19] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-24] FF HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension => nicht gefunden Chrome: ======= CHR dev: Chrome dev build 
erkannt! <======= ACHTUNG CHR HomePage: Default -> hxxps://www.google.de/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8 CHR StartupUrls: Default -> "hxxps://www.google.de/" CHR Profile: C:\Users\Anse\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Kaspersky Protection) - C:\Users\Anse\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2015-11-09] CHR Extension: (Kaspersky Protection) - C:\Users\Anse\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-04-15] CHR Extension: (Adobe Acrobat) - C:\Users\Anse\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-01-19] CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-08] (Kaspersky Lab ZAO) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis) R2 ParagonMounter; C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\extservice.exe [487936 2015-09-02] () [Datei ist nicht signiert] R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-10-18] (Enigma Software Group USA, LLC.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) 
R2 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-01-26] (Star Finanz-Software Entwicklung und Vertriebs GmbH) R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH) R2 SyncoveryVSSService; C:\Program Files\Syncovery\SyncoveryVSS.exe [6169768 2014-10-27] () R2 Syncovery_Service; C:\Program Files\Syncovery\SyncoveryService.exe [27271344 2015-07-10] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH) R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [144712 2011-05-20] (H+H Software GmbH) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) R2 Dokan; C:\Windows\System32\DRIVERS\dokan.sys [57464 2015-08-27] (Windows (R) Win 7 DDK provider) S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] () S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] () R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] () R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [323040 2015-11-19] (Acronis International GmbH) S3 HH10Help.sys; C:\WINDOWS\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-08-31] () R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-04-04] (AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-08] (AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-05-24] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-05-24] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-05-24] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-08] (AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-05-24] (AO Kaspersky Lab) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; 
C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies) S3 PTV337.X64; C:\Windows\SYSTEM32\DRIVERS\PTV337.X64.SYS [242304 2007-01-26] () S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] () R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) S3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [3531136 2009-06-23] () [Datei ist nicht signiert] R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1057728 2015-11-19] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [199120 2015-11-19] (Acronis International GmbH) S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [550352 2015-11-19] (Acronis International GmbH) S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [23040 2015-10-30] (Microsoft Corporation) R1 vdrv1000; C:\Windows\System32\drivers\vdrv1000.sys [223256 2011-04-19] (H+H Software GmbH) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-06-14 10:31 - 2016-06-14 10:31 - 00000000 ____D C:\FRST 2016-06-13 17:12 - 2016-06-13 17:12 - 2146191963 _____ C:\Windows\MEMORY.DMP 2016-06-13 11:08 - 2016-06-13 11:09 - 00000000 _____ C:\Recovery.txt 2016-06-12 13:35 - 2016-06-12 13:40 - 00000000 ____D C:\Users\Anse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2016-06-04 00:18 - 2016-06-04 00:18 - 00000000 ____D C:\Users\Anse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-05-24 21:26 - 2016-05-24 21:26 - 00001046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-05-24 21:26 - 2016-05-24 21:26 - 00001034 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-14 10:32 - 2014-11-10 14:24 - 00000000 ____D C:\ProgramData\firebird 2016-06-14 10:18 - 2015-02-01 14:54 - 00000000 ____D C:\AdwCleaner 2016-06-14 10:04 - 2015-02-01 15:33 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-06-14 09:36 - 2015-06-17 14:25 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2688186270-3590573579-1487212105-1001UA.job 2016-06-14 08:44 - 2016-04-04 14:26 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-06-14 04:36 - 2015-06-17 14:25 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2688186270-3590573579-1487212105-1001Core.job 2016-06-14 04:34 - 2015-07-30 15:24 - 00004154 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6552B0CE-040A-43B4-8BC3-709B21ABDB38} 2016-06-13 22:39 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness 2016-06-13 17:18 - 2015-10-30 20:35 - 00775524 _____ C:\Windows\system32\perfh007.dat 2016-06-13 17:18 - 2015-10-30 20:35 - 00155338 _____ C:\Windows\system32\perfc007.dat 2016-06-13 17:18 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF 2016-06-13 17:18 - 2015-07-29 17:18 - 01799166 _____ 
C:\Windows\system32\PerfStringBackup.INI 2016-06-13 17:14 - 2014-03-18 17:25 - 00000000 ____D C:\Users\Anse\AppData\Roaming\SuperMailer 2016-06-13 17:13 - 2015-12-19 09:06 - 00000000 ____D C:\Users\Anse\AppData\Local\Deployment 2016-06-13 17:12 - 2016-01-25 02:09 - 00000000 ____D C:\Windows\Minidump 2016-06-13 17:12 - 2015-12-18 23:27 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-13 17:12 - 2015-12-18 23:11 - 00000000 ____D C:\Users\Anse 2016-06-13 17:12 - 2014-11-08 15:27 - 00000000 ____D C:\ProgramData\Syncovery 2016-06-13 16:51 - 2014-12-25 19:45 - 00000000 ____D C:\TV 2016-06-13 16:32 - 2015-12-18 17:08 - 00000000 ____D C:\Program Files (x86)\StarMoney 10 apoEdition 2016-06-13 11:34 - 2015-12-18 23:05 - 05041488 _____ C:\Windows\system32\FNTCACHE.DAT 2016-06-13 11:34 - 2015-10-12 09:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-06-13 11:33 - 2015-10-30 08:28 - 00524288 ___SH C:\Windows\system32\config\BBI 2016-06-13 11:20 - 2015-11-30 15:29 - 00002890 _____ C:\Windows\System32\Tasks\Paragon Updater 2016-06-13 11:20 - 2015-10-12 09:12 - 00003158 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-06-13 11:20 - 2015-08-26 16:17 - 00002850 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-pc121@gmx.de 2016-06-13 11:20 - 2014-11-17 18:05 - 00002826 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Anse-PC-Anse 2016-06-13 11:16 - 2015-02-02 20:07 - 00000000 ____D C:\Program Files\LockHunter 2016-06-13 11:13 - 2015-12-18 23:04 - 00000000 ___DC C:\Windows\Panther 2016-06-13 11:13 - 2014-11-26 11:20 - 00000000 ____D C:\Users\Anse\AppData\Roaming\TeamViewer 2016-06-13 11:13 - 2014-11-09 16:53 - 00000000 ____D C:\Users\Anse\AppData\Roaming\FileZilla 2016-06-13 02:00 - 2014-03-11 11:28 - 00000000 ____D C:\Users\Anse\AppData\Local\Adobe 2016-06-12 13:40 - 2015-02-02 12:31 - 00000000 ____D C:\Windows\0028CB34D5D3460FB308A39A095A5E01.TMP 2016-06-12 10:13 - 2015-02-17 13:58 - 00000000 ____D 
C:\Users\Anse\AppData\Roaming\Usenet.nl 2016-06-11 02:23 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-06-10 19:19 - 2015-10-30 08:28 - 00008192 ___SH C:\Windows\system32\config\ELAM 2016-06-10 19:00 - 2015-02-01 15:33 - 00001181 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-06-10 19:00 - 2015-02-01 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-06-10 19:00 - 2015-02-01 15:33 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-06-10 17:17 - 2015-02-01 15:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-06-10 17:16 - 2014-11-04 15:38 - 00002462 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-06-10 17:16 - 2014-03-11 09:26 - 00001373 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-06-10 17:16 - 2014-03-11 09:26 - 00001287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-06-09 22:17 - 2014-03-14 20:39 - 00000000 ____D C:\Users\Anse\AppData\Roaming\vlc 2016-06-06 10:00 - 2015-12-18 16:50 - 00000000 ____D C:\ProgramData\KMSAutoS 2016-06-04 00:18 - 2014-03-11 21:43 - 00000000 ____D C:\Users\Anse\AppData\Roaming\Dropbox 2016-06-03 10:15 - 2014-03-10 21:55 - 00000000 ____D C:\Users\Anse\AppData\Local\Packages 2016-05-24 21:26 - 2015-11-10 13:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-05-24 18:15 - 2016-04-04 14:26 - 00933808 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2016-05-24 18:15 - 2015-12-08 21:34 - 00087984 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwfp.sys 2016-05-24 18:15 - 2015-06-11 19:35 - 00049240 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys 2016-05-24 18:14 - 2016-04-04 14:26 - 00238000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys 2016-05-22 08:24 - 2014-03-16 09:55 - 00000000 ____D C:\Users\Anse\AppData\Roaming\MyPhoneExplorer ==================== Dateien im Wurzelverzeichnis einiger 
Verzeichnisse ======= 2015-06-24 12:55 - 2015-06-24 12:55 - 0000030 _____ () C:\Program Files (x86)\Exiferupdate.ini 2015-02-02 17:24 - 2015-02-03 11:44 - 0000132 _____ () C:\Users\Anse\AppData\Roaming\Adobe BMP Format CS5 Prefs 2015-01-20 14:45 - 2015-01-20 15:29 - 0000132 _____ () C:\Users\Anse\AppData\Roaming\Adobe GIF Format CS5 Prefs 2015-06-03 14:39 - 2015-06-12 09:26 - 0000132 _____ () C:\Users\Anse\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-07-30 15:18 - 2015-12-21 12:57 - 0000095 _____ () C:\Users\Anse\AppData\Roaming\Control System_Settings.ini 2015-12-21 15:55 - 2015-12-21 15:58 - 0002399 _____ () C:\Users\Anse\AppData\Roaming\System Monitor II_CPU0_Settings.ini 2015-12-21 15:58 - 2015-12-21 15:58 - 0000120 _____ () C:\Users\Anse\AppData\Roaming\System Monitor II_UptimeRecord.ini 2015-07-22 19:16 - 2015-07-22 19:29 - 0000222 _____ () C:\Users\Anse\AppData\Roaming\wklnhst.dat 2014-11-27 14:19 - 2014-11-27 14:16 - 0001478 _____ () C:\Users\Anse\AppData\Roaming\Microsoft\hibernation.ico 2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\Anse\AppData\Local\bass.dll 2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\Anse\AppData\Local\basscd.dll 2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\Anse\AppData\Local\CDRip.dll 2015-03-23 11:20 - 2015-06-11 17:46 - 0006144 _____ () C:\Users\Anse\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\Anse\AppData\Local\lame_enc.dll 2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\Anse\AppData\Local\No23 Recorder.exe 2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\Anse\AppData\Local\no23xwrapper.dll 2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\Anse\AppData\Local\ogg.dll 2016-04-28 12:24 - 2016-04-28 12:24 - 0011530 _____ () C:\Users\Anse\AppData\Local\PrimoBurnerMM.log 2015-06-10 
21:47 - 2015-06-11 11:47 - 0001496 _____ () C:\Users\Anse\AppData\Local\RecConfig.xml
2015-12-19 00:24 - 2015-12-19 00:24 - 0000017 _____ () C:\Users\Anse\AppData\Local\resmon.resmoncfg
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\Anse\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\Anse\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\Anse\AppData\Local\vorbisfile.dll

Einige Dateien in TEMP:
====================
C:\Users\Anse\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Anse\AppData\Local\Temp\bassmod.dll
C:\Users\Anse\AppData\Local\Temp\rsX4rkd89n.exe

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-06-06 08:58

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-06-2016
durchgeführt von Anse (2016-06-14 10:34:40)
Gestartet von d:\Anse\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-18 21:32:53)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-2688186270-3590573579-1487212105-500 - Administrator - Disabled)
Anse (S-1-5-21-2688186270-3590573579-1487212105-1001 - Administrator - Enabled) => C:\Users\Anse
DefaultAccount (S-1-5-21-2688186270-3590573579-1487212105-503 - Limited - Disabled)
Gast (S-1-5-21-2688186270-3590573579-1487212105-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2688186270-3590573579-1487212105-1005 - Limited - Enabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE) 4K Video Downloader 3.6 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.6.3.1785 - Open Media LLC) 8GadgetPack (HKLM-x32\...\{CA2865AD-EFF4-44F0-A2C9-DCDC0A90F27E}) (Version: 14.0.0 - Helmut Buhler) Acronis True Image 2016 (HKLM-x32\...\{8E5A14D5-E127-4EB0-A250-8EE541A331ED}Visible) (Version: 19.0.5620 - Acronis) Acronis True Image 2016 (x32 Version: 19.0.5620 - Acronis) Hidden Acronis True Image 2016 Media Add-on (HKLM-x32\...\{267CA059-6574-4C45-95F7-2766CE14F91F}) (Version: 19.0.5620 - Acronis) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.0.0 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.0 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.2 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated) Adobe Widget Browser 
(HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) ASEOPS 9 (HKLM-x32\...\{C9748E91-BA62-44D0-A779-24B3D29F5609}_is1) (Version: 9.0.4 - AceBIT) Ashampoo Photo Commander 9 v.9.4.3 (HKLM-x32\...\Ashampoo Photo Commander 9_is1) (Version: 9.4.3 - Ashampoo GmbH & Co. KG) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 3146416.1637756.4759644.48 - Audible, Inc.) Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team) BitTorrent (HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\BitTorrent) (Version: 7.9.2.35144 - BitTorrent Inc.) Brother MFL-Pro Suite MFC-9465CDN (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.1.5.0 - Brother Industries, Ltd.) Camtasia Studio 7 (HKLM-x32\...\{DE6E4530-4AB0-482E-91DE-7FE6309C6EF1}) (Version: 7.0.0 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP) Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - ) ColdCut (HKLM-x32\...\{8944ED10-DBF2-4FA9-8B5D-D7E1B046C761}_is1) (Version: ColdCut - © Jan Brummelte) CrystalDiskInfo 6.1.9a (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.9a - Crystal Dew World) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC) Dropbox (HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.) 
EaseUS Data Recovery Wizard 6.1 (HKLM-x32\...\EaseUS Data Recovery Wizard 6.1_is1) (Version: - EaseUS) EaseUS Todo Backup Free 8.3 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.3 - CHENGDU YIWO Tech Development Co., Ltd) eMule (HKLM-x32\...\eMule) (Version: - ) Exifer (HKLM-x32\...\Exifer_is1) (Version: - Friedemann Schmidt) ffdshow [rev 2946] [2009-05-15] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - ) FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes) FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Monitor for Google 2.5 (HKLM-x32\...\Free Monitor for Google_is1) (Version: - CleverStat) GG Duplicates Cleaner 2.1 (HKLM-x32\...\GG Duplicates Cleaner_is1) (Version: - LivePIM Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) 
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden KONZ-Steuer-2014 (HKLM-x32\...\InstallShield_{20F1078B-E3B6-4DA1-9570-003DE110890A}) (Version: 1.00.0000 - USM) KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden Laplink PCmover Professional (HKLM-x32\...\{44CED211-BF91-4BA0-BCA4-1CF929A65497}) (Version: 8.20.635 - Laplink Software, Inc.) Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.8.2 - Magical Jelly Bean) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.) 
Microsoft Office 97, Professional Edition (HKLM-x32\...\Office8.0) (Version: - ) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) 
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) MiniTool Power Data Recovery - Bootable Media Builder 6.8 (HKLM-x32\...\{33187B46-F813-428A-8EE0-4B721B838C2C}_is1) (Version: - MiniTool Solution Ltd.) 
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Multimedia Keyboard Driver (HKLM-x32\...\InstallShield_{31C63A8A-D9AB-4300-828B-86B41F59FAE1}) (Version: 2.0 - Author) Multimedia Keyboard Driver (x32 Version: 2.0 - Author) Hidden MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger) NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON) Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG) Nero 2014 Content Pack (HKLM-x32\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG) No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23) NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation) O&O UnErase (HKLM-x32\...\{53480350-2D1F-461C-9214-3AEC993DD4A1}) (Version: 2.0.945 - O&O Software GmbH) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Outlook4Gmail 4.3.1 (HKLM-x32\...\{6A53C42D-DCCD-46B7-9143-51071726A6F6}_is1) (Version: - Scand Ltd.) 
PantsOff 2.0 (HKLM-x32\...\{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1) (Version: 2.0 - Christoph Bünger Software) Paragon ExtFS for Windows (HKLM-x32\...\ParagonExtFS) (Version: - ) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Personal Translator 14 Professional (HKLM-x32\...\{79E4BE16-174F-4348-965B-E1A96AEF7352}) (Version: 14.0.10 - Linguatec GmbH) PlayReady PC Runtime amd64 (HKLM\...\{2E0C1D31-8FEC-411E-97FB-6E56BD429A98}) (Version: 1.3.10 - Microsoft Corporation) Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden ProgDVB x64 (HKLM\...\ProgDVB) (Version: 7.x - Prog) RAR Password Unlocker (HKLM-x32\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Recovery for Writer 1.7.20461.2 Demo License (HKLM-x32\...\{4AEF2B1D-E3C6-4161-BE76-9D83E8C6AEE5}) (Version: 1.7.20461.2 - Recoveronix) Remo Repair Word (HKLM-x32\...\{D3A5E63A-5648-48D8-9283-149D9BFE44E9}_is1) (Version: 2.0.0.28 - Remo Software) R-Word Demo 1.2 (HKLM-x32\...\R-Word Demo_is1) (Version: - R-tools Technology Inc.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) 
SmartDVB (HKLM-x32\...\{B3A552DB-CD70-4C0E-BA00-79C3C42116AA}) (Version: 1.3.125 - SmartWARE) SPAMfighter (x32 Version: 7.6.90 - Spamfighter ApS) Hidden SpyHunter (HKLM-x32\...\{0028CB34-D5D3-460F-B308-A39A095A5E01}) (Version: 4.16.5.4290 - Enigma Software Group USA, LLC) StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden StarMoney (x32 Version: 5.0.0.226 - StarFinanz) Hidden StarMoney 10 apoEdition (HKLM-x32\...\{3C463889-A09A-4F77-925E-E05A0254B3CF}) (Version: 10 - Star Finanz GmbH) StarMoney 9.0 apoEdition (HKLM-x32\...\{C4486805-7F5E-4B45-A9A0-FBB68AE25219}) (Version: 9.0 - Star Finanz GmbH) Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd.) Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH) Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH) Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden SuperMailer 7.51 (HKLM\...\Newsletter Software SuperMailer (x64)_is1) (Version: 7.51 - Mirko Boeer Softwareentwicklungen) Syncovery 7.18d (HKLM\...\Syncovery x64_is1) (Version: 7.18d - Super Flexible Software) SysTools Docx Repair (HKLM-x32\...\SyTools Docx Repair - Demo Version 3.1.2_is1) (Version: - ) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer) Trust Webcam (HKLM-x32\...\{F7DCAA4A-DDE8-481E-8D44-F6CDCD48DB0E}) (Version: 5.8.53003.1 - ) Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - ) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.10.13 - H+H Software GmbH) VirtualDJ 8 (HKLM-x32\...\{8C066069-C573-4F2E-A01C-D3156CF28DDC}) (Version: 8.0.2206.0 - Atomix Productions) Visual Studio 2012 x64 Redistributables 
(HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Works Update (x32 Version: 8.0.0.0000 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Anse\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Anse\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Anse\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Anse\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0239F94C-9EE7-4811-9CC4-371F7C84DAED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {038FEF2E-26C4-4161-B7C5-780AC2F5F98F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {06AFB886-C708-4E14-BBEB-20AE30DFD9A1} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {142C944E-A336-40FD-8168-A400D418BB10} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4D8E11F5-3B5E-4CD1-9950-1797F2D80721} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4DB8378D-263E-455E-9064-FCE4C383D3DC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {58858E86-ED45-4159-B19B-0E16F6D913F0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5DF45EC4-C751-4997-A7D6-39B7351AC8A8} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-pc121@gmx.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {5E6C6742-90F4-41E7-B464-162CBD853314} - System32\Tasks\AdobeAAMUpdater-1.0-Anse-PC-Anse => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {741BE521-4994-479B-943A-6392C9DA1E1D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {842F861A-FBFF-44E6-8D39-9EA6CEDD3980} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {9514A129-E0CD-4473-B18A-B6BCB46F3638} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {968475E5-8480-449C-9AC6-9D3017D1741E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {9972E916-C8CB-456A-B6DD-2620E49C2AA3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12] (Adobe Systems Incorporated)
Task: {9E57DF11-A252-4911-BDAF-8075A31C0169} - System32\Tasks\Paragon Updater => C:\Program Files (x86)\Paragon Software\Updater\Updater.exe [2015-08-24] (Paragon Software Group)
Task: {A6A0B242-83C2-4701-84E9-DA4D5A794EF8} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {AF494794-1355-403A-85BC-E0C0F2DD9FF5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2688186270-3590573579-1487212105-1001Core => C:\Users\Anse\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {B090B0DA-7BF9-46B1-A863-9FC6ADE33604} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {BC7C44C8-D8B7-4C1B-AE20-94195A28451F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {BD12D37E-84A3-44FC-A456-F6773A84D893} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D64F2726-E5A0-4E7C-A924-1AC98AD3DD32} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {DC6A86EF-4F0F-407F-BA81-66A8B6D4FE6C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {DED4E61D-F6AA-499B-BEBE-94B91D5F72FB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2688186270-3590573579-1487212105-1001UA => C:\Users\Anse\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {E5476EEC-667D-4A22-82F3-1627951F97BF} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-08-10] (MSFree Inc.)
Task: {E5554745-D840-43A8-B25B-C57845BEF95A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {EC010C0C-BC9B-4A3C-9CBB-1330A8643844} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2688186270-3590573579-1487212105-1001Core.job => C:\Users\Anse\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2688186270-3590573579-1487212105-1001UA.job => C:\Users\Anse\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Anse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465571788&a=1054210&src=sh&uuid=c9390271-a7cf-4293-a638-2d2529af4e12"
ShortcutWithArgument: C:\Users\Anse\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465571788&a=1054210&src=sh&uuid=c9390271-a7cf-4293-a638-2d2529af4e12"
ShortcutWithArgument: C:\Users\Anse\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465571788&a=1054210&src=sh&uuid=c9390271-a7cf-4293-a638-2d2529af4e12"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465571788&a=1054210&src=sh&uuid=c9390271-a7cf-4293-a638-2d2529af4e12"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safebrowsing.biz/?ssid=1465571788&a=1054210&src=sh&uuid=c9390271-a7cf-4293-a638-2d2529af4e12"
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safebrowsing.biz/?ssid=1465571788&a=1054210&src=sh&uuid=c9390271-a7cf-4293-a638-2d2529af4e12"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465571788&a=1054210&src=sh&uuid=c9390271-a7cf-4293-a638-2d2529af4e12"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2015-09-02 14:38 - 2015-09-02 14:38 - 00487936 _____ () C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\extservice.exe
2014-03-11 12:23 - 2010-03-16 01:18 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-11-12 15:18 - 2014-10-27 13:28 - 06169768 _____ () C:\Program Files\Syncovery\SyncoveryVSS.exe
2014-11-12 15:18 - 2015-07-10 00:49 - 27271344 _____ () C:\Program Files\Syncovery\SyncoveryService.exe
2015-07-29 11:34 - 2014-12-15 01:03 - 00241704 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2016-04-12 22:03 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-12 22:03 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-04-19 01:23 - 2016-04-19 01:23 - 00144384 _____ () C:\Program
Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-19 09:14 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 15:33 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-11 15:33 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-05-11 15:33 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-05-11 15:33 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-05-11 15:33 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-05-03 19:07 - 2009-06-26 18:13 - 00241664 _____ () C:\Windows\tsnp2uvc.exe 2015-03-17 02:34 - 2015-03-17 02:34 - 00141312 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU 2015-12-18 17:42 - 2015-12-18 17:42 - 06999736 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\X64\AdobePDFMakerX.dll 2015-12-18 17:42 - 2015-12-18 17:42 - 03385856 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU 2015-07-30 04:32 - 2015-07-30 04:32 - 02210480 _____ () C:\Program Files\Microsoft Office\Office16\tmpod.dll 2015-07-31 10:58 - 2015-07-31 10:58 - 00588968 _____ () C:\Program Files\Microsoft Office\Office16\msfad.dll 2014-11-18 12:48 - 2015-02-03 12:29 - 00144384 _____ () C:\Program Files (x86)\Scand Ltd\Outlook4Gmail\ExMapi.x64.dll 2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple 
Application Support\libxml2.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2015-07-29 11:34 - 2015-03-14 11:53 - 00107560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll 2015-07-29 11:34 - 2015-03-14 11:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll 2015-07-29 11:34 - 2015-03-14 11:54 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll 2015-07-29 11:34 - 2015-03-14 11:54 - 00759848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo 
Backup\bin\AndroidImage.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00135720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00353832 _____ () C:\Program Files 
(x86)\EaseUS\Todo Backup\bin\DeviceManager.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00137256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00096808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll 2015-08-11 16:36 - 2015-08-11 16:36 - 00024896 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\core_workers_shared_context.dll 2015-09-14 13:09 - 2015-09-14 13:09 - 00035792 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2015-09-14 14:58 - 2015-09-14 14:58 - 03973112 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll 2015-08-23 16:59 - 2015-08-23 16:59 - 00606672 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\sqlite3.dll 2015-09-14 14:50 - 2015-09-14 14:50 - 19710880 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll 2016-02-24 20:18 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\PATCHW32.dll 2014-10-16 11:21 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files 
(x86)\StarMoney 9.0 apoEdition\ouservice\PATCHW32.dll 2015-07-29 11:34 - 2014-12-15 00:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll 2016-04-19 01:23 - 2016-04-19 01:23 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 01:23 - 2016-04-19 01:23 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2011-02-19 02:10 - 2011-02-19 02:10 - 01789952 _____ () C:\Program Files (x86)\MyPhoneExplorer\IconLib.dll 2015-12-11 09:03 - 2016-05-05 12:09 - 00034768 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-06-04 00:18 - 2016-05-05 12:10 - 00019408 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-06-04 00:18 - 2016-05-05 12:09 - 00116688 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-11 09:03 - 2016-05-05 12:09 - 00093640 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-11 09:03 - 2016-05-05 12:09 - 00018376 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-11 09:03 - 2016-05-31 20:34 - 00019760 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00105928 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-06-04 00:18 - 2016-05-05 12:09 - 00392144 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-11 09:03 - 2016-05-31 20:34 - 00381752 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-11 09:03 - 2016-05-05 12:09 - 00692688 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00020816 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-11 09:03 - 2016-05-05 12:10 - 00123856 _____ () 
C:\Users\Anse\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 01682760 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00020808 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2015-12-11 09:03 - 2016-05-31 20:34 - 00021840 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00038696 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-06-04 00:18 - 2016-05-05 12:11 - 00020936 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00024528 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00114640 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00124880 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-02-12 14:26 - 2016-05-31 20:34 - 00021832 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00175560 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00030160 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00043472 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00048592 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-02-12 14:26 - 2016-05-31 20:34 - 00023872 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-06-04 00:18 - 2016-05-05 12:09 - 00134088 _____ () 
C:\Users\Anse\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00026456 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00057808 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-06-04 00:18 - 2016-05-31 20:33 - 00246592 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00028616 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00052024 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2015-12-11 09:03 - 2016-05-05 12:09 - 00134608 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-06-04 00:18 - 2016-05-05 12:10 - 00240584 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-02-12 14:26 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-12 14:26 - 2016-05-31 20:34 - 00019776 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-02-12 14:26 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00020280 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-11 09:03 - 2016-05-31 20:34 - 00023376 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00350152 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-02-12 14:26 - 2016-05-31 20:34 - 00022352 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 
00024392 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-06-04 00:18 - 2016-05-05 12:12 - 00036296 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\librsync.dll 2016-06-04 00:18 - 2016-05-31 20:34 - 00031568 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd 2016-06-04 00:18 - 2016-03-12 02:46 - 00293392 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll 2016-06-04 00:18 - 2016-05-31 20:34 - 00084280 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-06-04 00:18 - 2016-05-31 20:34 - 01826096 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-11 09:03 - 2016-05-05 12:10 - 00083912 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\sip.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 03928880 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 01971504 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00531248 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00132912 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00223544 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00207672 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2015-12-11 09:03 - 2016-05-05 12:11 - 00060880 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-04-15 05:37 - 2016-05-31 20:34 - 00025928 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd 2015-12-11 09:03 - 2016-05-31 20:34 - 00024904 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-06-04 00:18 - 2016-05-31 20:34 - 00546096 _____ () 
C:\Users\Anse\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-04 00:18 - 2016-05-31 20:34 - 00357680 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-06-04 00:18 - 2016-05-05 12:13 - 00017864 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-06-04 00:18 - 2016-05-05 12:13 - 01631184 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2016-05-05 12:15 - 00697304 _____ () C:\Users\Anse\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-03-11 12:23 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-09-14 13:09 - 2015-09-14 13:09 - 00445904 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-09-14 13:09 - 2015-09-14 13:09 - 00115664 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\AcroTray.deu

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\comdirect.de -> hxxps://comdirect.de

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2015-11-19 11:37 - 00005998 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 adobe.com
127.0.0.1 2o7.net
127.0.0.1 adobeereg.com
127.0.0.1 im.adtech.de
127.0.0.1 adserver.adtech.de
127.0.0.1 adtech.de
127.0.0.1 atwola.com
127.0.0.1 adserver.71i.de
127.0.0.1 adicqserver.71i.de
127.0.0.1 71i.de
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 hxxp://www.adobeereg.com

Da befinden sich 133 zusätzliche Einträge.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\Control Panel\Desktop\\Wallpaper -> G:\DCIM\100NIKON\DSCN0944.JPG
DNS Servers: 192.168.188.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "Biet-O-Matic.lnk"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "sfagent"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "VC10Player"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WireLessKeyboard"
HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\StartupApproved\Run: => "gSyncit"
HKU\S-1-5-21-2688186270-3590573579-1487212105-1001\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist
aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{11B1607E-DE71-43B7-800C-CF5E391E7543}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\app\StarMoney.exe FirewallRules: [{62EB5CDD-DF3D-4A00-BF19-F038CC47E9FE}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\app\StarMoney.exe FirewallRules: [{BBFA881A-78CE-4A9B-8077-30B23D8652E5}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{921ADEC2-FD31-44BA-A44C-F2733B7ED139}] => (Allow) C:\Program Files (x86)\StarMoney 10 apoEdition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{973078CA-C2BE-443D-BB64-5339EC04F1D1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{76ECB937-E2E2-425A-9DD6-F4906FB0A59D}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{F653D74C-CDD1-4648-8BE1-0FC739943CCE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{A65781F8-9345-4703-AB6A-43C08E650681}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{3FCB8A37-CD61-4819-A175-BAC08E5186D6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe FirewallRules: [{CAFCCE36-9518-40D7-87A0-530BCB2ACB13}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{58ACFAAF-2E89-4D1A-BFF7-39753262CF7C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{FB34224F-08B9-4342-8A12-0F43CE2537DD}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{0816C77C-13BA-4DDC-94B2-912D681E9990}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{1CAEF18F-FA0E-4CC8-99BD-907CBE887C96}] => (Allow) C:\Program Files (x86)\EaseUS\Todo 
Backup\bin\TbService.exe FirewallRules: [{3891915B-A384-4116-910C-D55ECADB2D08}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [UDP Query User{5FBB8584-E6E7-453D-87C9-215D03FC9316}C:\users\anse\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\anse\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{FE91F92B-FE40-479B-B214-DB2F38114397}C:\users\anse\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\anse\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{72E6278D-30B1-4C7F-B497-5FFEE1929624}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{4A7465F9-9464-4F9E-8D2B-3BA5BEC12D4D}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [{E50EF914-B138-43C4-8071-3698EA123874}] => (Allow) LPort=1689 FirewallRules: [UDP Query User{52F73181-A704-4C6E-8501-153A0BACB4E0}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{21F9D777-178B-4987-8C24-28239DCF414F}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [{C04BA32F-9BD2-4203-B145-8F82A00459BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BDFE7580-7D95-40A1-9B3D-244A0DB3062A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F5A571C6-9929-4282-A150-C35849938240}] => (Allow) LPort=1900 FirewallRules: [{94FA6599-0940-44C2-82D9-A54CB88D3822}] => (Allow) LPort=2869 FirewallRules: [{062FC449-3AF3-46EA-B2F9-C0BD06AB6D6B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{8651AC80-E2B1-43D6-A589-9539D8BA343C}] => (Allow) C:\Program Files 
(x86)\iTunes\iTunes.exe FirewallRules: [{E284A25A-1347-4ACE-8367-E48A899005DB}] => (Allow) LPort=1689 FirewallRules: [{15481B10-0190-4797-9D40-066D75312C15}] => (Allow) C:\Users\Anse\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{A72349D8-3630-454A-BD51-072F604D9283}] => (Allow) C:\Users\Anse\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{128520B5-A8FD-4DA9-8AEA-918FC2A31CDE}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{17EEFFDD-EF17-45C6-996F-B9435127ADEA}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{B7A7AC1C-76F0-4DA9-856E-F64630153979}] => (Allow) C:\Users\Anse\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{475FE499-59FE-4AA4-97CD-CF946C440596}] => (Allow) C:\Users\Anse\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{01D0E8D1-5804-4826-9291-C50E4CB97296}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 apoEdition\app\StarMoney.exe FirewallRules: [{0DD722B9-863D-44D5-94BD-756058EFB6BF}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 apoEdition\app\StarMoney.exe FirewallRules: [{A3104AB8-F4BE-4563-B4E9-98B606A93E0C}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{B6EA2D10-9140-434F-87F6-86A4FB533DA4}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 apoEdition\ouservice\StarMoneyOnlineUpdate.exe FirewallRules: [{6B2DD5DD-179C-48C9-8009-DA7154A9E5D1}] => (Allow) LPort=54925 FirewallRules: [{31C8DD0C-4DC5-466A-914A-5D9FFC857B4D}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10e\FAXRX.exe FirewallRules: [{E11F0693-9C57-436B-A87D-9EEB48DA464B}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10e\FAXRX.exe FirewallRules: [{F4C3C8F5-0B41-41F7-8652-AF630531227E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4F609630-6FDE-4731-B0AC-09BB574F9DB2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: 
[{61C88A53-C1AC-4AB3-B7D1-8C8A7CD72CDF}] => (Allow) C:\Program Files (x86)\Laplink\PCmover\pcmover.exe FirewallRules: [{9706FBB0-41AE-4AFD-A338-9402C153117D}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [{B4403229-0BA7-425C-BCC9-58180BAAC137}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [TCP Query User{4B624E80-0299-453D-8DC7-6AD86A6FB2EE}D:\div. software\fritz box\fritz.box_7490.06.30.recover-image.exe] => (Allow) D:\div. software\fritz box\fritz.box_7490.06.30.recover-image.exe FirewallRules: [UDP Query User{D9D7F4A7-60ED-42AD-85DB-B25401E4940C}D:\div. software\fritz box\fritz.box_7490.06.30.recover-image.exe] => (Allow) D:\div. software\fritz box\fritz.box_7490.06.30.recover-image.exe FirewallRules: [{9D107020-8625-4C5C-AA52-4DB2B746D2B2}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{8681DE58-A103-46E1-AE41-7CF5537CC330}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe FirewallRules: [{CA5406EF-AEAC-40F0-A201-C95D055DBDD2}] => (Allow) E:3\Password-Finder\passrecpk\SniffPass.exe FirewallRules: [{80D4AE08-83B5-4022-970C-B56FE9A27DD7}] => (Allow) E:3\Password-Finder\passrecpk\SniffPass.exe FirewallRules: [{B5E20978-27D5-445A-9084-BECFAB2B2981}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{24B467A6-614E-4005-9942-D768BB1A474F}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{B8230BE1-CBD6-48D0-8873-E517AC4B9069}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{A61911C5-FF3A-4E30-9F5C-95A16BFEC95D}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{33821515-E4F0-4A44-99A2-C8E061F00C03}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{48CC422E-B9B6-48AA-83C1-404542E714FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe 
FirewallRules: [{6342E089-945C-4E70-AE72-8DEC5768BFB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6799C1ED-D61B-4FF0-B035-1D8F02FFA133}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/14/2016 10:32:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (06/14/2016 10:21:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANSE-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/14/2016 09:19:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (06/14/2016 08:05:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (06/14/2016 04:25:58 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .

Error: (06/14/2016 03:12:46 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .

Error: (06/14/2016 01:59:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .

Error: (06/14/2016 01:00:59 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422333

Error: (06/14/2016 12:46:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .

Error: (06/13/2016 11:33:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .
Systemfehler:
=============
Error: (06/14/2016 10:21:27 AM) (Source: DCOM) (EventID: 10010) (User: ANSE-PC)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (06/13/2016 05:15:16 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (06/13/2016 05:12:05 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000001e (0xffffffffc0000005, 0xfffff803cca552c0, 0x0000000000000000, 0xffffffffffffffff)C:\Windows\MEMORY.DMP00000000-0000-0000-0000-000000000000

Error: (06/13/2016 05:12:05 PM) (Source: BugCheck) (EventID: 1005) (User: )
Description:

Error: (06/13/2016 05:12:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 13.06.2016 um 16:54:24 unerwartet heruntergefahren.

Error: (06/13/2016 02:43:51 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (06/13/2016 11:33:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_487a9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/13/2016 11:33:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _487a9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/13/2016 11:33:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_487a9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/13/2016 11:33:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_487a9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

CodeIntegrity:
===================================
Date: 2016-05-15 00:23:46.916
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-14 06:35:46.464
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-12 13:48:42.982
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-05-12 01:48:48.746
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-04-13 18:48:03.859
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-29 11:54:59.567
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-13 02:34:27.188
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-10 16:32:28.680
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-03 03:17:54.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-12 10:22:09.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 6142.48 MB
Verfügbarer physikalischer RAM: 2542.79 MB
Summe virtueller Speicher: 12542.48 MB
Verfügbarer virtueller Speicher: 8592.25 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:237.69 GB) (Free:143.75 GB) NTFS
Drive d: (Große Socke) (Fixed) (Total:1397.26 GB) (Free:381.34 GB) NTFS
Drive e: (Videos) (Fixed) (Total:931.51 GB) (Free:466.6 GB) NTFS
Drive y: () (Network) (Total:2794.92 GB) (Free:988.24 GB)
Drive z: () (Network) (Total:2794.92 GB) (Free:988.23 GB)

==================== MBR & Partitionstabelle ==================

==================== Ende von Addition.txt ============================

Last edited by nadarosa (14.06.2016 at 09:43) |
14.06.2016, 11:01 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can't get rid of malware completely Quote:
__________________ |
14.06.2016, 11:27 | #3 |
| Can't get rid of malware completely As I already wrote, I don't know where to find the logs. They can't be opened from within the program. Can you give me a tip?
__________________ |
14.06.2016, 11:37 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Can't get rid of malware completely
__________________ Please always post logfiles in CODE tags |
14.06.2016, 11:51 | #5 |
| Can't get rid of malware completely #cosinus: did you read my last message??? |