| |
| |||||||
Log-Analyse und Auswertung: Browser öffnen verschiedene LinksWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
06.09.2016, 12:21
| #1 |
 |  Browser öffnen verschiedene Links Hallo Leute, seit ca. 2 Tagen habe ich das Problem, dass mein Computer bzw. meine Browser (FF Developer, FF, IE, Google Crome, Internet Explorer und Opera) beim öffnen oder auch zwischendurch verschiedene Links öffnen. Meistens öffnet sich auch tech-connect.biz. Da hab ich mir gedacht, ich habe mal wieder eine doofes Addon, dass ich einfach löschen kann - aber so war es nicht. Ich konnte weder in den Addons oder unter den Programmen (Systemmsteuerung/Programme und Features) was verdächtiges finden. Hab aber mal trotzdem einige Programme gelöscht, die ich zu letzt runtergeladen/installiert habe (aber das war auch schön länger wie 2 Tage installiert). Auf meinem Computer läuft Avira Antivirus Pro. Mein Computer: Win 8.1, 64 Bit. Was ich bisher gemacht habe: - Malwarebytes - Anti-Malware - Spybot-S&D - ADWCleaner Es wurde auch was gefunden, das wurde entfernt aber leider wurde mein Problem damit noch nicht behoben. Dazu habe ich dann mal die Browser Google Chrome und Opera deinstalliert. Daher frage ich hier um Rat, was ich noch machen könnte. Leider habe ich keine Logs gesichert, das hab ich gerade erst gelesen, dass diese benötigt werden.  Gerne kann ich folgende Programme nochmal durchlaufen lassen und anschließend die Logs posten. Vielen Dank.  FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016 durchgeführt von Florian (Administrator) auf FLORIANS-PC-2 (06-09-2016 14:15:08) Gestartet von C:\Users\Florian\Desktop Geladene Profile: Florian (Verfügbare Profile: Florian) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: "C:\Program Files (x86)\Firefox Developer Edition\firefox.exe" -osint -url "%1") Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (AMD) C:\windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\windows\System32\alg.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (AMD) C:\windows\System32\atieclxx.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\windows\System32\dllhost.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Centered Systems) C:\Program Files (x86)\Second Copy 8\SecCopy.exe (Mozilla Corporation) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Mozilla Corporation) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-07] (Hewlett-Packard ) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-07] (IDT, Inc.) HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-02-07] (Hewlett-Packard) HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-02-07] (Hewlett-Packard) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-02-07] (Hewlett-Packard) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-01-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67864 2016-08-04] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2793355485-2781283580-1022224705-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-2793355485-2781283580-1022224705-1001\...\Run: [Second Copy] => C:\Program Files (x86)\Second Copy 8\SecCopy.exe [3128616 2013-01-28] (Centered Systems) HKU\S-1-5-21-2793355485-2781283580-1022224705-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated) HKU\S-1-5-21-2793355485-2781283580-1022224705-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-2793355485-2781283580-1022224705-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd) HKU\S-1-5-21-2793355485-2781283580-1022224705-1001\...\Run: [Grid] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe [2027008 2014-01-29] () HKU\S-1-5-21-2793355485-2781283580-1022224705-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] () BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{4ABA4346-4293-46EB-B993-ADA6CABF595B}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{C9143942-8B63-4C45-A7FF-E689D080CCE6}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 Tcpip\..\Interfaces\{FFA2BBB8-8435-4886-A473-64824146B7E7}: [DhcpNameServer] 192.168.69.254 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/4 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/4 HKU\S-1-5-21-2793355485-2781283580-1022224705-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK14/4 HKU\S-1-5-21-2793355485-2781283580-1022224705-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK14/4 SearchScopes: HKLM -> {2F0212C0-BDCD-4045-8C40-6513D19E45BE} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation) BHO: Kein Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Keine Datei BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-23] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-23] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) FireFox: ======== FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default FF Homepage: www.google.de FF NetworkProxy: "socks_remote_dns", true FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-23] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Extension: (FavIconReloader) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\FavIconReloader@mozilla.org [2015-05-29] FF Extension: (ColorZilla) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2015-09-07] FF Extension: (View Cookies) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\{8F6A6FD9-0619-459f-B9D0-81DE065D4E21}.xpi [2015-12-28] FF Extension: (MeasureIt) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi [2016-03-21] FF Extension: (YSlow) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\yslow@yahoo-inc.com.xpi [2016-04-28] FF Extension: (Firesizer) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\{04426594-bce6-4705-b811-bcdba2fd9c7b}.xpi [2016-04-28] FF Extension: (Live HTTP headers) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2016-04-28] FF Extension: (User Agent Switcher) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2016-04-28] FF Extension: (Web Developer) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-08-31] FF Extension: (Saved Password Editor) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\savedpasswordeditor@daniel.dawson.xpi [2016-09-05] FF Extension: (FoxyProxy Standard) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\foxyproxy@eric.h.jung [2016-09-05] FF Extension: (FireShot) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-09-05] FF Extension: (Avira Browser Safety) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\Extensions\abs@avira.com [2016-07-15] FF Extension: (AutoProxy) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\Extensions\autoproxy@autoproxy.org.xpi [2016-04-28] FF Extension: (colorPicker) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\Extensions\colorPicker@colorPicker.xpi [2016-04-28] FF Extension: (Firebug) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\Extensions\firebug@software.joehewitt.com.xpi [2016-06-08] FF Extension: (Firefox Hotfix) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01] FF Extension: (FireQuery) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\Extensions\firequery@binaryage.com.xpi [2016-06-08] FF Extension: (The Addon Bar (restored)) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2016-05-09] FF Extension: (Total Validator) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\Extensions\validator@totalvalidator.com.xpi [2016-01-05] FF Extension: (BrowserStack) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\lg0v2vkp.default\Extensions\{6cc0f0f7-a6e2-4834-9682-24de2229b51e}.xpi [2016-09-01] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-18] StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox Developer Edition\firefox.exe FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\1942471054.js [2016-09-01] <==== ACHTUNG (Zeigt auf eine *.cfg Datei) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\1942471054.cfg [2016-09-01] <==== ACHTUNG Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [320672 2016-08-04] (Avira Operations GmbH & Co. KG) R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [828656 2013-11-18] (Condusiv Technologies) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-12] (Intel Corporation) S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-08-12] (Intel Corporation) R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [153296 2016-04-26] (Intel(R) Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [478416 2016-04-26] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-12] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-02-07] (Softex Inc.) [Datei ist nicht signiert] R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-07] (IDT, Inc.) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-08] (TeamViewer GmbH) S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-17] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-22] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-27] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-18] (Avira Operations GmbH & Co. KG) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 epmntdrv; C:\windows\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] () S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-09-06] () S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25840 2013-11-18] (Condusiv Technologies) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [117488 2013-11-18] (Condusiv Technologies) R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-10-20] (REALiX(tm)) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-06] (Malwarebytes) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-08-12] (Intel Corporation) R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation) S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 massfilter; system32\drivers\massfilter.sys [X] S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-06 14:15 - 2016-09-06 14:15 - 00029029 _____ C:\Users\Florian\Desktop\FRST.txt 2016-09-06 13:28 - 2016-09-06 13:28 - 00000000 ___SH C:\DkHyperbootSync 2016-09-06 13:26 - 2016-09-06 13:26 - 02397696 _____ (Farbar) C:\Users\Florian\Desktop\FRST64.exe 2016-09-06 12:43 - 2016-09-06 12:43 - 03826240 _____ C:\Users\Florian\Downloads\adwcleaner_6.010.exe 2016-09-06 11:42 - 2016-09-06 13:17 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2016-09-06 11:42 - 2016-09-06 11:42 - 00001085 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-09-06 11:42 - 2016-09-06 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-09-06 11:42 - 2016-09-06 11:42 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-09-06 11:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2016-09-06 11:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys 2016-09-06 11:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2016-09-06 11:41 - 2016-09-06 11:41 - 22851472 _____ (Malwarebytes ) C:\Users\Florian\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe 2016-09-06 11:41 - 2016-09-06 11:41 - 00000000 ____D C:\Program Files\Common Files\AV 2016-09-06 11:41 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2016-09-06 11:40 - 2016-09-06 12:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-09-06 11:40 - 2016-09-06 11:41 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-09-06 11:40 - 2016-09-06 11:40 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2016-09-06 11:40 - 2016-09-06 11:40 - 00001362 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2016-09-06 11:40 - 2016-09-06 11:40 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking 2016-09-06 11:40 - 2016-09-06 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2016-09-06 11:40 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe 2016-09-06 11:39 - 2016-09-06 11:40 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Florian\Downloads\spybot-2.4.exe 2016-09-06 11:05 - 2016-09-06 11:05 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignba7e0bde20c1a24e 2016-09-06 11:05 - 2016-09-06 11:05 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign6ce9ac0d1d5d9805 2016-09-06 11:05 - 2016-09-06 11:05 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign1ab19861778fc328 2016-09-06 10:55 - 2016-09-06 14:15 - 00000000 ____D C:\FRST 2016-09-06 10:34 - 2016-09-06 10:34 - 00004895 _____ C:\Users\Florian\Desktop\JRT.txt 2016-09-06 10:13 - 2016-09-06 10:13 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignf1333eede4189452 2016-09-06 10:13 - 2016-09-06 10:13 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignac7eb785bdca82e5 2016-09-06 10:13 - 2016-09-06 10:13 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign46eb1233694e4d2e 2016-09-06 09:59 - 2016-09-06 09:59 - 00000000 ____D C:\Users\Florian\AppData\Local\vsixinstaller 2016-09-06 09:54 - 2016-09-06 09:54 - 00057419 _____ C:\Users\Florian\Downloads\2016-08-31T20-18 Transaktionsnummer 1026860944095772-2076098.pdf 2016-09-06 09:51 - 2016-09-06 09:51 - 00058162 _____ C:\Users\Florian\Downloads\804554514913-17.pdf 2016-09-06 09:50 - 2016-09-06 09:50 - 00058831 _____ C:\Users\Florian\Downloads\852363422959-12.pdf 2016-09-06 09:16 - 2016-09-06 09:16 - 00022704 _____ C:\windows\system32\Drivers\EsgScanner.sys 2016-09-06 09:16 - 2016-09-06 09:16 - 00000000 _____ C:\autoexec.bat 2016-09-06 08:32 - 2016-09-06 12:44 - 00000000 ____D C:\AdwCleaner 2016-09-06 08:11 - 2016-09-06 08:11 - 00000000 ____D C:\Users\Florian\Desktop\Alte Firefox-Daten 2016-09-06 08:04 - 2016-09-06 08:14 - 00000000 ____D C:\Program Files (x86)\Firefox Developer Edition 2016-09-05 16:54 - 2016-09-05 16:54 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign489f68d82c4d712a 2016-09-05 15:53 - 2016-09-05 15:53 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign875540dd4580cb02 2016-09-05 15:53 - 2016-09-05 15:53 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign47fac0fab6c277c0 2016-09-05 15:53 - 2016-09-05 15:53 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign24190914e70c6d50 2016-09-05 09:03 - 2016-09-05 09:03 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignb1c423d834e77e34 2016-09-05 09:02 - 2016-09-05 09:02 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignd8353bc6536d7139 2016-09-05 09:02 - 2016-09-05 09:02 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign86fc78a80111e92c 2016-09-02 16:35 - 2016-09-02 16:35 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-02 14:53 - 2016-09-02 14:53 - 00000000 ____D C:\Users\Florian\AppData\Local\Chromium 2016-09-02 09:33 - 2016-09-02 11:18 - 00000000 ____D C:\Users\Florian\Desktop\Sicherung-Bike 2016-09-02 09:16 - 2016-09-02 09:16 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign9899efdda6907b55 2016-09-02 09:16 - 2016-09-02 09:16 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign80baba4c739b11ca 2016-09-02 09:16 - 2016-09-02 09:16 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign080abe443cee2c4a 2016-09-01 16:42 - 2016-09-01 16:42 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign88332ab52f58b87b 2016-09-01 16:42 - 2016-09-01 16:42 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign137bcf4aa772eb32 2016-09-01 16:42 - 2016-09-01 16:42 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign07b6ce9a08fcd263 2016-09-01 16:41 - 2016-09-01 16:41 - 02375112 _____ C:\Users\Florian\Desktop\etiket_scamorza_graukaese.pdf 2016-09-01 15:39 - 2016-09-01 15:39 - 01848953 _____ C:\Users\Florian\Desktop\Plakat_Laurenzi-Markt_2016_4C.PDF 2016-09-01 11:42 - 2016-09-01 11:42 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignb3662f6e18df5899 2016-09-01 11:42 - 2016-09-01 11:42 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsigna4b5c11cc2a80855 2016-09-01 11:42 - 2016-09-01 11:42 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign3d3ee98c11c0e3c8 2016-09-01 09:55 - 2016-09-01 09:55 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsigna164cd1d4f4c3522 2016-09-01 09:55 - 2016-09-01 09:55 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign5e14e40d50850eb1 2016-09-01 09:55 - 2016-09-01 09:55 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign29acdbeb21588c3a 2016-09-01 09:28 - 2016-09-01 09:28 - 00000000 ____D C:\ProgramData\Webitar Production Inc 2016-08-31 14:08 - 2016-08-31 14:08 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignabffd176dbc2cf2d 2016-08-31 14:08 - 2016-08-31 14:08 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign1831c562d778a745 2016-08-31 14:08 - 2016-08-31 14:08 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign0fbb9f2c09ec175c 2016-08-31 11:36 - 2016-08-31 11:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignf85772db63f8c8be 2016-08-31 11:36 - 2016-08-31 11:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign90c44c3de9e1187d 2016-08-31 11:36 - 2016-08-31 11:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign8778d45b25a970a2 2016-08-31 10:31 - 2016-08-31 10:31 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignf00fd0081b8ace8f 2016-08-31 10:31 - 2016-08-31 10:31 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign7e92327de7675a9c 2016-08-31 10:31 - 2016-08-31 10:31 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign67a259c0b95a57e6 2016-08-31 10:02 - 2016-08-31 10:02 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign59f7ec1829572294 2016-08-31 08:19 - 2016-08-31 08:19 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign90ee3e1ea8f95a6d 2016-08-31 08:19 - 2016-08-31 08:19 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign83d70fd41e179242 2016-08-31 08:04 - 2016-08-31 08:04 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2016-08-31 08:04 - 2016-08-31 08:04 - 00001124 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2016-08-29 16:36 - 2016-08-29 16:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignbbcc4c2897813243 2016-08-29 16:36 - 2016-08-29 16:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign97db7c634b6671cb 2016-08-29 16:36 - 2016-08-29 16:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign96e7ba457c107d17 2016-08-29 16:36 - 2016-08-29 16:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign8a69bcca3775ce24 2016-08-26 12:11 - 2016-08-26 12:11 - 00001121 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-08-24 14:24 - 2016-09-01 09:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-22 10:27 - 2016-08-22 10:27 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign4c8b1be193f00c4c 2016-08-22 10:20 - 2016-08-22 10:20 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignc8599b2b3bc49364 2016-08-22 10:20 - 2016-08-22 10:20 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign02625db66a42b7e2 2016-08-22 09:14 - 2016-08-22 09:14 - 01040919 _____ C:\Users\Florian\Downloads\Fotolia_90055729_V.zip 2016-08-22 09:14 - 2016-08-22 09:14 - 00702066 _____ C:\Users\Florian\Downloads\Fotolia_58446126_V.zip 2016-08-22 09:14 - 2016-08-22 09:14 - 00677255 _____ C:\Users\Florian\Downloads\Fotolia_98140119_V.zip 2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignf3e4093b72300ca5 2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignd57f16c72cb40f8f 2016-08-19 16:42 - 2016-08-19 16:42 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign0d1437e1dc7156de 2016-08-19 09:54 - 2016-08-19 09:54 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsigneae9e39fde056db5 2016-08-19 09:54 - 2016-08-19 09:54 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignb41bc0d3f694d230 2016-08-19 09:54 - 2016-08-19 09:54 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignaf48780156702f83 2016-08-17 14:31 - 2016-08-17 14:31 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsigne7e9bc2e81b66ffb 2016-08-17 14:31 - 2016-08-17 14:31 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign2d817d04322f44fe 2016-08-17 14:31 - 2016-08-17 14:31 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign0ad9b5d7f7ed9333 2016-08-17 09:41 - 2016-08-17 09:41 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsigncb12dcebbbb758a3 2016-08-17 09:41 - 2016-08-17 09:41 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignb101dac16684a054 2016-08-17 09:41 - 2016-08-17 09:41 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign922b411c3cd23b86 2016-08-17 09:41 - 2016-08-17 09:41 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign2a588c349a16abf4 2016-08-16 16:36 - 2016-08-16 16:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignb81c25834852a2d6 2016-08-16 16:36 - 2016-08-16 16:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsigna4fb89020e855e81 2016-08-16 16:36 - 2016-08-16 16:36 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign831604ae5eaddab8 2016-08-16 16:03 - 2016-08-17 14:42 - 00000000 ____D C:\Users\Florian\Desktop\Bilder für Homepage 2016-08-16 15:23 - 2016-08-16 15:23 - 00000000 ____D C:\Users\Florian\asasas 2016-08-16 15:13 - 2016-08-16 15:43 - 00000000 ____D C:\Users\Florian\Desktop\Neuer Ordner (2) 2016-08-16 15:09 - 2016-08-16 15:09 - 00000000 ____D C:\Users\Public\Documents\CyberLink 2016-08-16 15:09 - 2016-08-16 15:09 - 00000000 ____D C:\Users\Florian\Documents\CyberLink 2016-08-16 15:09 - 2016-08-16 15:09 - 00000000 ____D C:\Users\Florian\AppData\Roaming\CyberLink 2016-08-16 15:09 - 2016-08-16 15:09 - 00000000 ____D C:\Users\Florian\AppData\Local\MediaShow 2016-08-16 15:08 - 2016-08-16 15:08 - 00000000 ____D C:\Users\Florian\AppData\Local\CyberLink 2016-08-16 11:09 - 2016-08-16 11:09 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignbceafa3a1a1e8e71 2016-08-16 11:09 - 2016-08-16 11:09 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignaebeb3fb03d20d16 2016-08-16 11:09 - 2016-08-16 11:09 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsigna097e951942dfdba 2016-08-16 08:06 - 2016-09-01 10:48 - 00002076 _____ C:\Users\Public\Desktop\FileZilla Client.lnk 2016-08-11 16:59 - 2016-08-11 16:59 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign28d52f9c28d4de12 2016-08-11 16:59 - 2016-08-11 16:59 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign22f539ea598b9cf1 2016-08-11 16:59 - 2016-08-11 16:59 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign0d22f57df0d1b2c9 2016-08-11 14:08 - 2016-08-11 14:08 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignf800777b5d94d658 2016-08-11 14:08 - 2016-08-11 14:08 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignef9b8c9391d66fb8 2016-08-11 14:07 - 2016-08-11 14:07 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign2dfee39abc81f36b 2016-08-11 11:57 - 2016-08-11 11:57 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignd675f2211808f57d 2016-08-11 11:57 - 2016-08-11 11:57 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign6a11455d0dbe5287 2016-08-11 11:57 - 2016-08-11 11:57 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign586b4c7e47157d72 2016-08-10 16:08 - 2016-08-16 15:44 - 00000000 ____D C:\Users\Florian\Desktop\Neuer Ordner 2016-08-10 15:04 - 2016-08-10 15:04 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign01295d63195adb24 2016-08-10 09:33 - 2016-08-10 09:33 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignf248d4fc7fd54c36 2016-08-10 09:33 - 2016-08-10 09:33 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignaea3d91d613864ab 2016-08-10 08:23 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys 2016-08-10 08:23 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpfve.sys 2016-08-10 08:23 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2016-08-10 08:23 - 2016-06-11 21:52 - 00057184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys 2016-08-10 08:23 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\gpresult.exe 2016-08-10 08:23 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2016-08-10 08:23 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\windows\system32\tpmvsc.dll 2016-08-10 08:23 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\webio.dll 2016-08-10 08:23 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll 2016-08-10 08:23 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2016-08-10 08:23 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll 2016-08-10 08:23 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll 2016-08-10 08:23 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll 2016-08-10 08:23 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll 2016-08-10 08:23 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll 2016-08-10 08:23 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2016-08-10 08:23 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2016-08-10 08:23 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe 2016-08-10 08:23 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll 2016-08-10 08:23 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll 2016-08-10 08:23 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\windows\system32\cryptxml.dll 2016-08-10 08:23 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptxml.dll 2016-08-10 08:23 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll 2016-08-10 08:23 - 2016-06-10 20:04 - 00357376 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2016-08-10 08:23 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll 2016-08-10 08:23 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll 2016-08-10 08:23 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll 2016-08-10 08:23 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll 2016-08-10 08:23 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2016-08-10 08:23 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2016-08-10 08:23 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe 2016-08-10 08:23 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\windows\system32\CertEnroll.dll 2016-08-10 08:23 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertEnroll.dll 2016-08-10 08:23 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2016-08-10 08:23 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2016-08-10 08:23 - 2016-05-14 01:08 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys 2016-08-10 08:23 - 2016-05-14 01:08 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys 2016-08-10 08:23 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2016-08-10 08:23 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2016-08-10 08:23 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll 2016-08-10 08:23 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2016-08-10 08:23 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2016-08-10 08:23 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2016-08-10 08:23 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\windows\system32\UserAccountBroker.exe 2016-08-10 08:23 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserAccountBroker.exe 2016-08-10 08:23 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys 2016-08-10 08:23 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys 2016-08-10 08:23 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2016-08-10 08:23 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll 2016-08-10 08:23 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe 2016-08-10 08:23 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2016-08-10 08:23 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe 2016-08-10 08:23 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2016-08-10 08:23 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL 2016-08-10 08:23 - 2016-04-10 07:35 - 00551256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys 2016-08-10 08:23 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Geolocation.dll 2016-08-10 08:23 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll 2016-08-10 08:23 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll 2016-08-10 08:23 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll 2016-08-10 08:23 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Geolocation.dll 2016-08-10 08:23 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll 2016-08-10 08:23 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll 2016-08-10 08:23 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll 2016-08-10 08:23 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll 2016-08-10 08:23 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mup.sys 2016-08-10 08:23 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys 2016-08-10 08:23 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll 2016-08-10 08:23 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll 2016-08-10 08:23 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiswan.sys 2016-08-10 08:22 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpresult.exe 2016-08-10 08:22 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\hbaapi.dll 2016-08-10 08:22 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\hbaapi.dll 2016-08-10 08:22 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll 2016-08-10 08:22 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll 2016-08-10 08:22 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe 2016-08-10 08:22 - 2016-05-14 01:08 - 00032512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys 2016-08-10 08:22 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2016-08-10 08:22 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2016-08-10 08:22 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2016-08-10 08:22 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2016-08-10 08:22 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2016-08-10 08:22 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2016-08-10 08:22 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll 2016-08-10 08:22 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2016-08-10 08:22 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2016-08-10 08:22 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll 2016-08-10 08:22 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfapigp.dll 2016-08-10 08:22 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\BdeHdCfgLib.dll 2016-08-10 08:22 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\windows\system32\fvecpl.dll 2016-08-10 08:22 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\windows\system32\bdesvc.dll 2016-08-10 08:22 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll 2016-08-10 08:22 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\httpprxp.dll 2016-08-10 08:22 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\windows\system32\httpprxm.dll 2016-08-10 08:22 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\adhsvc.dll 2016-08-10 08:20 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2016-08-10 08:20 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2016-08-10 08:20 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2016-08-10 08:20 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2016-08-10 08:20 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2016-08-10 08:20 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2016-08-10 08:20 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2016-08-10 08:20 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2016-08-10 08:20 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2016-08-10 08:20 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2016-08-10 08:20 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll 2016-08-10 08:20 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2016-08-10 08:20 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2016-08-10 08:20 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2016-08-10 08:20 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2016-08-10 08:20 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2016-08-10 08:20 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2016-08-10 08:20 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2016-08-10 08:20 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2016-08-10 08:20 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2016-08-10 08:20 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll 2016-08-10 08:20 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2016-08-10 08:20 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2016-08-10 08:20 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2016-08-10 08:20 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2016-08-10 08:20 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2016-08-10 08:20 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2016-08-10 08:20 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2016-08-10 08:20 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2016-08-10 08:20 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2016-08-10 08:20 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2016-08-10 08:17 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\TpmTasks.dll 2016-08-10 08:17 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2016-08-10 08:17 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2016-08-10 08:17 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll 2016-08-10 08:17 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll 2016-08-10 08:17 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2016-08-10 08:17 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll 2016-08-10 08:17 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll 2016-08-10 08:17 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2016-08-10 08:17 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2016-08-10 08:17 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2016-08-10 08:17 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll 2016-08-10 08:17 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll 2016-08-10 08:17 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll 2016-08-10 08:17 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll 2016-08-10 08:17 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2016-08-10 08:17 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll 2016-08-10 08:17 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2016-08-10 08:17 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll 2016-08-09 16:48 - 2016-08-09 16:48 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignbf138db28265eb20 2016-08-09 16:48 - 2016-08-09 16:48 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign1682f1ee57312a25 2016-08-09 08:52 - 2016-08-09 08:52 - 00000000 ____D C:\Users\Florian\Documents\iMacros 2016-08-09 08:06 - 2016-08-09 08:26 - 00000000 ____D C:\Users\Florian\Downloads\WeTransfer-Files 2016-08-09 08:00 - 2016-08-09 08:00 - 00008972 _____ C:\Users\Florian\Desktop\Urlaub.xlsx 2016-08-08 11:55 - 2016-08-08 11:55 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign0d16a18bdc1a870b 2016-08-08 11:53 - 2016-08-08 11:53 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignedb10803b9f39511 2016-08-08 11:53 - 2016-08-08 11:53 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignb1649e681ded3a2d 2016-08-08 10:30 - 2016-08-08 10:30 - 00001772 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-08-08 10:30 - 2016-08-08 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-08-08 10:29 - 2016-08-08 10:30 - 00000000 ____D C:\Program Files\iTunes 2016-08-08 10:29 - 2016-08-08 10:29 - 00000000 ____D C:\Program Files\iPod 2016-08-08 10:29 - 2016-08-08 10:29 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-08-08 08:43 - 2016-08-08 08:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-08-08 08:42 - 2016-08-08 08:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-08-08 08:42 - 2016-08-08 08:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-08-08 08:16 - 2016-08-08 08:16 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignac9571048ef3f1cb 2016-08-08 08:16 - 2016-08-08 08:16 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign9f03bf020bf69a1e 2016-08-08 08:10 - 2016-01-08 01:42 - 00993632 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll 2016-08-08 08:10 - 2016-01-08 01:42 - 00987848 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll 2016-08-08 08:10 - 2016-01-08 01:42 - 00690016 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll 2016-08-08 08:10 - 2016-01-08 01:42 - 00484552 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll 2016-08-08 08:10 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys 2016-08-08 08:10 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys 2016-08-08 08:10 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\rascfg.dll 2016-08-08 08:10 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\rascfg.dll 2016-08-08 08:09 - 2015-12-16 19:11 - 01200128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll 2016-08-08 08:09 - 2015-12-16 18:51 - 00868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll 2016-08-08 08:08 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe 2016-08-08 08:08 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll 2016-08-08 08:08 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll 2016-08-08 08:08 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll 2016-08-08 08:08 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll 2016-08-08 08:08 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll 2016-08-08 08:08 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys 2016-08-08 08:08 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll 2016-08-08 08:08 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll 2016-08-08 08:08 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll 2016-08-08 08:08 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndistapi.sys 2016-08-08 08:08 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\kmddsp.tsp 2016-08-08 08:08 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\rasmxs.dll 2016-08-08 08:08 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\rasser.dll 2016-08-08 08:08 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\rasdiag.dll 2016-08-08 08:08 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kmddsp.tsp 2016-08-08 08:08 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasmxs.dll 2016-08-08 08:08 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasser.dll 2016-08-08 08:08 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasdiag.dll 2016-08-08 08:08 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll 2016-08-08 08:08 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll 2016-08-08 08:08 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe 2016-08-08 08:08 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\windows\system32\QSHVHOST.DLL 2016-08-08 08:08 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\QSVRMGMT.DLL 2016-08-08 08:08 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll 2016-08-08 08:08 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll 2016-08-08 08:08 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll 2016-08-08 08:08 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSHVHOST.DLL 2016-08-08 08:08 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSVRMGMT.DLL 2016-08-08 08:08 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll 2016-08-08 08:08 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll 2016-08-08 08:08 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll 2016-08-08 08:08 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll 2016-08-08 08:08 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll 2016-08-08 08:08 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys 2016-08-08 08:08 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\windows\splwow64.exe 2016-08-08 08:08 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe 2016-08-08 08:08 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll 2016-08-08 08:08 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll 2016-08-08 08:08 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\eventcls.dll 2016-08-08 08:08 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\eventcls.dll 2016-08-08 08:08 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\vsstrace.dll 2016-08-08 08:08 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\vssapi.dll 2016-08-08 08:08 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vsstrace.dll 2016-08-08 08:08 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\windows\SysWOW64\vssapi.dll 2016-08-08 08:08 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys 2016-08-08 08:08 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys 2016-08-08 08:07 - 2016-08-08 08:07 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsignded5d2a194d8874a 2016-08-08 08:07 - 2016-08-08 08:07 - 00000000 ____D C:\Users\Florian\AppData\Local\Tempzxpsign4bd902c56cab0566 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-06 14:14 - 2016-07-27 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-09-06 14:12 - 2015-01-05 19:20 - 00003814 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{51C9A931-54AC-48DD-86A1-10A63D42E075} 2016-09-06 14:02 - 2015-02-23 11:57 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2016-09-06 13:06 - 2015-01-05 18:28 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2793355485-2781283580-1022224705-1001 2016-09-06 13:01 - 2015-10-05 14:48 - 00000000 ___RD C:\Users\Florian\Creative Cloud Files 2016-09-06 13:01 - 2015-09-07 09:06 - 00000000 ____D C:\Users\Florian\AppData\LocalLow\Mozilla 2016-09-06 13:01 - 2015-01-07 19:31 - 00000000 ____D C:\Users\Florian\AppData\Local\Adobe 2016-09-06 13:01 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf 2016-09-06 12:59 - 2014-06-18 23:08 - 00761394 _____ C:\windows\system32\perfh007.dat 2016-09-06 12:59 - 2014-06-18 23:08 - 00174110 _____ C:\windows\system32\perfc007.dat 2016-09-06 12:59 - 2014-03-18 17:32 - 01792832 _____ C:\windows\system32\PerfStringBackup.INI 2016-09-06 12:57 - 2015-06-23 07:31 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-09-06 12:55 - 2016-08-02 08:09 - 00000440 _____ C:\windows\system32\Drivers\etc\hosts.ics 2016-09-06 12:53 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-09-06 12:44 - 2015-03-13 17:47 - 00000000 ____D C:\Users\Florian\AppData\Local\CrashDumps 2016-09-06 12:44 - 2014-06-18 14:40 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-09-06 11:36 - 2015-02-04 18:54 - 00000368 _____ C:\windows\Tasks\HPCeeScheduleForFlorian.job 2016-09-06 11:27 - 2015-02-04 19:53 - 00000000 ____D C:\Users\Florian\AppData\Roaming\TeamViewer 2016-09-06 11:27 - 2015-02-04 18:54 - 00003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForFlorian 2016-09-06 11:25 - 2015-02-04 19:32 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2016-09-06 11:25 - 2014-04-02 16:46 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-06 11:24 - 2016-07-29 08:53 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2016-09-06 11:23 - 2016-07-29 09:03 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2016-09-06 11:23 - 2016-07-29 08:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0 2016-09-06 11:21 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-09-06 11:20 - 2015-03-18 08:33 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Opera Software 2016-09-06 11:20 - 2015-03-18 08:33 - 00000000 ____D C:\Users\Florian\AppData\Local\Opera Software 2016-09-06 11:20 - 2015-03-18 08:33 - 00000000 ____D C:\Program Files (x86)\Opera 2016-09-06 11:20 - 2015-03-12 17:41 - 00000000 ____D C:\Users\Florian\AppData\Local\Google 2016-09-06 11:20 - 2015-03-12 17:41 - 00000000 ____D C:\Program Files (x86)\Google 2016-09-06 11:17 - 2015-02-04 18:56 - 00000000 ____D C:\Users\Florian\AppData\Roaming\FileZilla 2016-09-06 10:04 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-09-06 10:02 - 2016-07-29 08:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2016-09-06 10:02 - 2014-04-02 16:45 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-09-06 09:47 - 2015-01-05 18:22 - 00000000 ____D C:\Users\Florian\AppData\Local\Packages 2016-09-06 09:16 - 2015-01-05 18:22 - 00000000 ____D C:\Users\Florian 2016-09-06 08:45 - 2015-01-05 18:22 - 00000000 ____D C:\Users\Florian\AppData\Local\SweetLabs App Platform 2016-09-06 08:14 - 2015-01-05 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-09-06 08:10 - 2015-11-04 12:33 - 00001200 _____ C:\Users\Public\Desktop\Firefox Developer Edition.lnk 2016-09-06 08:09 - 2015-01-05 19:21 - 00001130 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-09-05 16:56 - 2015-02-16 13:58 - 00001456 _____ C:\Users\Florian\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2016-09-05 13:34 - 2015-02-04 19:53 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-09-05 08:05 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness 2016-09-02 17:05 - 2013-08-22 17:36 - 00000000 ____D C:\windows\PLA 2016-09-02 17:04 - 2015-07-27 13:34 - 00000000 ____D C:\windows\Minidump 2016-09-02 14:53 - 2016-06-07 09:19 - 00002246 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blisk.lnk 2016-09-02 14:53 - 2016-06-07 09:19 - 00002238 _____ C:\Users\Florian\Desktop\Blisk.lnk 2016-09-02 14:53 - 2016-06-07 09:19 - 00000000 ____D C:\Users\Florian\AppData\Local\Blisk 2016-09-02 13:33 - 2015-02-16 18:24 - 00000033 _____ C:\Users\Florian\AppData\Roaming\AdobeWLCMCache.dat 2016-09-01 10:48 - 2015-02-04 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2016-09-01 10:48 - 2015-02-04 18:56 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2016-09-01 09:29 - 2015-11-04 12:33 - 00001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk 2016-09-01 09:29 - 2015-01-05 19:21 - 00001248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-09-01 09:29 - 2015-01-05 18:22 - 00001555 _____ C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-08-31 17:03 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI 2016-08-31 08:04 - 2015-01-07 19:33 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-08-22 08:03 - 2013-08-22 16:44 - 12585272 _____ C:\windows\system32\FNTCACHE.DAT 2016-08-19 17:03 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData 2016-08-19 08:59 - 2015-02-04 19:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-08-19 08:58 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp 2016-08-19 08:56 - 2015-01-05 18:58 - 00000000 ____D C:\windows\system32\MRT 2016-08-19 08:56 - 2013-08-22 15:25 - 00000199 _____ C:\windows\win.ini 2016-08-19 08:50 - 2015-01-05 18:58 - 147640136 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2016-08-19 08:48 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\SecureBootUpdates 2016-08-16 16:31 - 2016-05-20 12:39 - 00000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-08-16 16:31 - 2016-05-20 12:39 - 00000938 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-08-16 15:11 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-08-16 15:08 - 2014-06-18 14:35 - 00000000 ____D C:\ProgramData\CyberLink 2016-08-09 17:03 - 2016-08-02 12:30 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2016-08-09 12:51 - 2016-08-02 12:29 - 00000000 ____D C:\Users\Florian\AppData\Local\SquirrelTemp 2016-08-09 08:36 - 2015-02-16 10:15 - 00000000 ____D C:\Users\Florian\Documents\Outlook-Dateien 2016-08-09 08:28 - 2015-02-16 10:28 - 00000000 ____D C:\Users\Florian\Documents\Benutzerdefinierte Office-Vorlagen 2016-08-08 17:04 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\setup 2016-08-08 17:04 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\inetsrv 2016-08-08 17:04 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\setup 2016-08-08 17:04 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\inetsrv 2016-08-08 11:55 - 2015-01-05 18:22 - 00000000 ____D C:\Users\Florian\AppData\Roaming\Adobe 2016-08-08 10:29 - 2015-03-27 11:17 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-08-08 10:27 - 2016-07-13 14:30 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2016-08-08 08:09 - 2014-03-18 17:09 - 00000000 ____D C:\windows\ShellNew ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-16 18:24 - 2016-09-02 13:33 - 0000033 _____ () C:\Users\Florian\AppData\Roaming\AdobeWLCMCache.dat 2015-08-05 07:19 - 2015-08-05 07:19 - 0000028 _____ () C:\Users\Florian\AppData\Roaming\kulerdata.json 2016-02-29 15:26 - 2016-03-30 11:40 - 0000600 _____ () C:\Users\Florian\AppData\Roaming\winscp.rnd 2015-02-16 13:58 - 2016-09-05 16:56 - 0001456 _____ () C:\Users\Florian\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2015-07-23 11:36 - 2016-03-30 12:54 - 0000600 _____ () C:\Users\Florian\AppData\Local\PUTTY.RND Einige Dateien in TEMP: ==================== C:\Users\Florian\AppData\Local\Temp\avgnt.exe C:\Users\Florian\AppData\Local\Temp\libeay32.dll C:\Users\Florian\AppData\Local\Temp\msvcr120.dll C:\Users\Florian\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\windows\system32\winlogon.exe => Datei ist digital signiert C:\windows\system32\wininit.exe => Datei ist digital signiert C:\windows\explorer.exe => Datei ist digital signiert C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\windows\system32\svchost.exe => Datei ist digital signiert C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\windows\system32\services.exe => Datei ist digital signiert C:\windows\system32\User32.dll => Datei ist digital signiert C:\windows\SysWOW64\User32.dll => Datei ist digital signiert C:\windows\system32\userinit.exe => Datei ist digital signiert C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\windows\system32\rpcss.dll => Datei ist digital signiert C:\windows\system32\dnsapi.dll => Datei ist digital signiert C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-29 09:16 ==================== Ende von FRST.txt ============================ Geändert von Stigi90 (06.09.2016 um 13:20 Uhr) Grund: FRST.txt |
| Themen zu Browser öffnen verschiedene Links |
| antivirus, avira, browser, browser adware, computer, einfach, entfernt, esgscanner.sys, explorer, folge, frage, gelöscht, google, internet, internet explorer, leute, link, links, löschen, malerware, malwarebytes, node.js, opera, problem, programme, safer networking, verschiedene, win, öffnen, öffnet |
Baum-Darstellung