| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Meldung von Malwarebytes Anti-MalwareWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.02.2017, 22:02
| #1 |
| |  Meldung von Malwarebytes Anti-Malware Am 29.01.2017 kam von Malwarebytes Anti-Malware eine Meldung über gefundene Riskware bzw. PUP IFEOHijack (4 x Registrierungsschlüssel, 4 x Registrierungswerte). Die Funde wurden von Malwarebytes Anti-Malware in Quarantäne verschoben. Danach haben weder Malwarebytes Anti-Malware noch Avira Free Antivirus oder Avira PC-Cleaner bei separaten Suchläufen etwas gefunden. Der Laptop lief und läuft ohne Probleme. Heute kam eine erneute eine Meldung von Malwarebytes Anti-Malware über gefundene Riskware IFEOHijack (2 x Registrierungsschlüssel, 2 x Registrierungswerte). Malwarebytes Anti-Malware hat bei einem erneuten Suchlauf nichts mehr gefunden. Der Suchlauf mit Avira Free Antivirus läuft noch. Ich habe schon mal einen Suchlauf mit Farbar's Recovery Scan Tool durchgeführt. Die Datei FRST.txt habe ich in eine ZIP-Datei gewandelt, da sie sonst nicht hochgeladen werden konnte. MfG Bernd |
|
04.02.2017, 14:12
| #2 |
| Ruhe in Frieden † 2019     | Meldung von Malwarebytes Anti-Malware Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist. Schritt 1 Bitte die Logs nicht als zip anhängen, sondern einfügen: Posten in Code Tags Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke. Dazu:
__________________ |
|
05.02.2017, 20:14
| #3 |
| | Meldung von Malwarebytes Anti-Malware Hallo Sandra,
__________________danke für die Unterstützung. Ich habe die beiden Log Files von Malwarebytes Anti-Malware mit Funden und den FRST-Log File noch einmal angehangen. In der Zwischenzeit habe ich noch Suchläufe mit Malwarebytes Adware Cleaner durchgeführt. Dabei wurden beim 1. Suchlauf etliche Funde gemeldet - der Log File ist ebenfalls im Anhang. Im Nachgang zu dem Suchlauf habe ich mein ICQ-Konto bei ICQ gelöscht und ICQ auf dem Rechner gelöscht, da ich ICQ schon seit langer Zeit nicht mehr nutze. Folgende Suchläufe mit dem Adware Cleaner blieben ohne Funde. Was mich wundert ist, dass keines der anderen Antivirenprogramme hier etwas gemeldet hat. Gruß Bernd Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 29.01.2017 Suchlaufzeit: 02:41 Protokolldatei: Malware_Suchlauf_170129_01.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2017.01.28.11 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Bernie Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 539536 Abgelaufene Zeit: 12 Min., 12 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 4 PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, In Quarantäne, [311a6120436569cdeb0888dd28db0af6], RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPPORT.EXE, In Quarantäne, [fd4e69186147e056edb3a9e205fe649c], PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, In Quarantäne, [8fbcb3cedccc043219daa5c071920cf4], RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPPORT.EXE, In Quarantäne, [58f37c05b2f60d29bbe598f31de635cb], Registrierungswerte: 4 PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", In Quarantäne, [311a6120436569cdeb0888dd28db0af6] RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPPORT.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", In Quarantäne, [fd4e69186147e056edb3a9e205fe649c] PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", In Quarantäne, [8fbcb3cedccc043219daa5c071920cf4] RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPPORT.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", In Quarantäne, [58f37c05b2f60d29bbe598f31de635cb] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 02.02.2017 Suchlaufzeit: 02:44 Protokolldatei: Malware_Suchlauf_170202_01.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2017.02.01.10 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Aktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Bernie Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 539264 Abgelaufene Zeit: 12 Min., 25 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPPORT.EXE, In Quarantäne, [ca044f4e1692be784aebf49b53b00cf4], RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPPORT.EXE, In Quarantäne, [e1ed5a43b3f584b261d48b04689b8977], Registrierungswerte: 2 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPPORT.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", In Quarantäne, [ca044f4e1692be784aebf49b53b00cf4] RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPPORT.EXE|Debugger, "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe", In Quarantäne, [e1ed5a43b3f584b261d48b04689b8977] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017 durchgeführt von Bernie (Administrator) auf BERNIE-PC (02-02-2017 20:48:27) Gestartet von C:\Users\Bernie\Downloads Geladene Profile: Bernie & (Verfügbare Profile: UpdatusUser & Bernie & Marion & Netzzugang & DefaultAppPool) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Greatis Software, LLC) C:\Program Files (x86)\BootRacer\BootRacerServ.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.152.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Microsoft Corporation) C:\Windows\splwow64.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe () C:\Windows\System32\FspService.exe (AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (ENC Security Systems BV) I:\SanDiskSecureAccess\SanDiskSecureAccessV3_win.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe () C:\Program Files (x86)\Waow\Waow.exe () C:\Users\Bernie\AppData\Local\Temp\RarSFX2\waow.exe () C:\Users\Bernie\AppData\Local\Temp\RarSFX2\waow.exe () C:\Users\Bernie\AppData\Local\Temp\RarSFX2\waow.exe () C:\Users\Bernie\AppData\Local\Temp\RarSFX2\waow.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files (x86)\ElsterFormular\bin\pica.exe () C:\Program Files (x86)\ElsterFormular\bin\ericprozess.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Rechner-Plus\CalcPlus.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6348104 2016-10-02] (Sentelic Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-21] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-21] (Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2011-08-06] (Wistron) HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [447016 2011-08-13] (Wistron Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.) HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2011-08-06] (Wistron Corp.) HKLM-x32\...\Run: [WheelMouse] => C:\Advanced Wheel Mouse\wh_exec.exe [147456 2010-05-26] () HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2356080 2016-07-21] (1und1 Mail und Media GmbH) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [25744 2017-01-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.) HKLM-x32\...\Run: [Avira System Speedup Tray] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [160936 2017-01-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\Bootrace.exe [3901200 2015-03-24] (Greatis Software) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [Shell] C:\Windows\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe [336560 2010-10-04] (Expert System S.p.A.) HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-29] (Skype Technologies S.A.) HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd) HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {39b48fd1-88b0-11e6-9f32-00262dcbe4ff} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {39b49153-88b0-11e6-9f32-00262dcbe4ff} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {39b491d3-88b0-11e6-9f32-00262dcbe4ff} - "K:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {6b52b450-aa08-11e4-a69b-806e6f6e6963} - "E:\zdata\cobi.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd) HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {39b48fd1-88b0-11e6-9f32-00262dcbe4ff} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {39b49153-88b0-11e6-9f32-00262dcbe4ff} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {39b491d3-88b0-11e6-9f32-00262dcbe4ff} - "K:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6b52b450-aa08-11e4-a69b-806e6f6e6963} - "E:\zdata\cobi.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe [336560 2010-10-04] (Expert System S.p.A.) HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVMUSBFernanschluss] => C:\Users\Marion\AppData\Local\Apps\2.0\04GH9BCH.6RK\WYRW2LGP.619\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2013-03-21] (AVM Berlin) HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-29] (Skype Technologies S.A.) HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall 17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marion\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64" HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall 17.3.6381.0405] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marion\AppData\Local\Microsoft\OneDrive\17.3.6381.0405" HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe [336560 2010-10-04] (Expert System S.p.A.) HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Netzzugang\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Netzzugang\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Netzzugang\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Netzzugang\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64" HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinitx.dll [209744 2017-01-28] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinit.dll [181088 2017-01-28] (NVIDIA Corporation) IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\allshare.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\avira.systemspeedup.core.common.starter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\avira_system_speedup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\dktray.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\dudenbib.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\pdvdlaunchpolicy.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\washandgo.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\web.de_mailcheck_suche.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\web.de_sichere_websuche.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\webupdate.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-01] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-09-14] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\Bernie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-25] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) Startup: C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-25] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) Startup: C:\Users\Netzzugang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-25] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) GroupPolicy\User: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{0802e8cb-305b-40e5-9dcf-1b29a0dd2675}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{9a63d425-06b5-45ee-bf88-f78bc8dca242}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-4122516966-2855662277-179015761-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0 HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com HKU\S-1-5-21-4122516966-2855662277-179015761-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://web.de/ HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://web.de/ HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/ HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/ SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {463C7A9C-C00A-46DC-9011-CCAEB26B7C19} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4D14D1C1-424D-4529-967A-7190829D2FA6} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6DA8BE5A-C0F9-4980-9795-9D8FE29A63D6} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A2C507FD-9BEE-469F-9BF4-B7D7276B278B} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {463C7A9C-C00A-46DC-9011-CCAEB26B7C19} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {6DA8BE5A-C0F9-4980-9795-9D8FE29A63D6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {74A6A8F3-1E04-4951-A063-4EC002C06D8B} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {8CF39975-1B44-40BE-84A0-DDD4F30AFC3D} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {463C7A9C-C00A-46DC-9011-CCAEB26B7C19} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6DA8BE5A-C0F9-4980-9795-9D8FE29A63D6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {74A6A8F3-1E04-4951-A063-4EC002C06D8B} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {8CF39975-1B44-40BE-84A0-DDD4F30AFC3D} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {069C52C5-08FA-4E88-B65C-F9963DA34D88} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {463C7A9C-C00A-46DC-9011-CCAEB26B7C19} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4D14D1C1-424D-4529-967A-7190829D2FA6} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6DA8BE5A-C0F9-4980-9795-9D8FE29A63D6} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {7448E8FE-180D-4530-9AC9-B06A9C5918F9} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9DB25BF2-2021-4962-9FDB-5D4E07BA023C} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A2C507FD-9BEE-469F-9BF4-B7D7276B278B} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {CC0DDE39-8609-4D27-A256-B216E392DB8E} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {398721CC-DF4F-4142-B886-1D9FD228AC61} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {398721CC-DF4F-4142-B886-1D9FD228AC61} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {40D8D208-0FC7-420E-A0ED-2D73E0B82C8E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C9714F79-CAEC-4051-B7E3-F933F9CB8556} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E9052DF9-3B60-42B6-9890-1C7EC18B49AF} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8 BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-21] (Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) BHO: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll [2012-12-11] (AVM Berlin) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-21] (Microsoft Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-21] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation) BHO-x32: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKLM-x32 - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> Kein Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Keine Datei Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Keine Datei Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) DPF: HKLM {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://www.bad-wildbad.de/downloads/webcam/AMC.cab DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v1111/Navigram.cab DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-21] (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-07-05] (Skype Technologies S.A.) Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> hxxp://web.de/ FireFox: ======== FF ProfilePath: C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\ygzxf502.default-1436072606451 [2017-02-02] FF NetworkProxy: Mozilla\Firefox\Profiles\ygzxf502.default-1436072606451 -> type", 0 FF Extension: (Anti-Banner) - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2016-11-16] [ist nicht signiert] FF Extension: (Modul zur Link-Untersuchung) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-11-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: (Mehr Leistung und Videoformate für dein HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-13] [ist nicht signiert] FF HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard Backup\files32\backup\thunderbirdbkplugin => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google) FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll [2014-05-14] (INNOVA-engineering GmbH Dresden) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-21] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-21] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4122516966-2855662277-179015761-1001: SkypePlugin -> C:\Users\Bernie\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi.dll [2015-12-08] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-4122516966-2855662277-179015761-1001: SkypePlugin64 -> C:\Users\Bernie\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi-x64.dll [2015-12-08] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: SkypePlugin -> C:\Users\Bernie\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi.dll [2015-12-08] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: SkypePlugin64 -> C:\Users\Bernie\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi-x64.dll [2015-12-08] (Skype Technologies S.A.) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-04-10] <==== ACHTUNG Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-13] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-13] (Avira Operations GmbH & Co. KG) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG) R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [300344 2017-01-18] (Avira Operations GmbH & Co. KG) S4 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin) R2 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [65296 2014-04-30] (Greatis Software, LLC) R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation) S4 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3697352 2017-01-21] (Microsoft Corporation) S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-01-23] () R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] () R2 FspSvc; C:\Windows\System32\FspService.exe [2178888 2016-10-02] () S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-01-30] (SurfRight B.V.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] () [Datei ist nicht signiert] S4 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [131312 2015-03-20] (Intel Corporation) R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] () S2 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-01-20] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation) S4 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2015-03-18] (Copyright 2013 SAMSUNG) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S4 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35304 2017-01-11] (Avira Operations GmbH & Co. KG) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.) S2 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2011-08-06] (Wistron Corp.) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe [415232 2016-08-09] (Wondershare) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-13] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-13] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-01-08] (Avira Operations GmbH & Co. KG) R3 avmaudio; C:\WINDOWS\System32\drivers\avmaudio.sys [116096 2012-04-25] (AVM Berlin) R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2012-12-23] (AVM Berlin) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-24] (Avira Operations GmbH & Co. KG) S3 btmhsf; C:\WINDOWS\System32\DRIVERS\btmhsf.sys [327168 2011-11-15] (Intel Corporation) [Datei ist nicht signiert] S3 cpuz140; C:\Users\Bernie\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [43840 2017-01-23] (CPUID) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 fspad_win764; C:\WINDOWS\system32\DRIVERS\fspad_win764.sys [209736 2016-10-02] (Sentelic Corporation) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-06-21] (G Data Software AG) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-04-02] () R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-09-05] (REALiX(tm)) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.) S3 iBtFltCoex; C:\WINDOWS\System32\DRIVERS\iBtFltCoex.sys [60416 2011-12-09] (Intel Corporation) [Datei ist nicht signiert] S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [165504 2012-03-03] (ITE ) R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-02] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvlddmkm.sys [14427064 2017-01-28] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [436224 2017-01-21] (Realsil Semiconductor Corporation) R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] () S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-19] (Texas Instruments, Inc.) S3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-19] (Texas Instruments, Inc.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-01-09] (AVG Netherlands B.V.) R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [204184 2014-03-04] (Windows (R) Win 7 DDK provider) R1 usedisk; C:\WINDOWS\System32\DRIVERS\usedisk.sys [29208 2014-02-23] (Gili Soft INC.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 cpuz139; \??\C:\Users\Bernie\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X] U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-02 20:47 - 2017-02-02 20:47 - 02420736 _____ (Farbar) C:\Users\Bernie\Downloads\FRST64.exe 2017-02-01 23:06 - 2017-02-01 23:06 - 00001064 _____ C:\Users\Public\Desktop\HiSuite.lnk 2017-02-01 23:06 - 2017-02-01 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2017-02-01 23:05 - 2017-02-01 23:06 - 00000000 ____D C:\Program Files (x86)\HiSuite 2017-01-31 20:13 - 2017-01-31 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2017-01-31 20:13 - 2017-01-31 20:13 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service 2017-01-30 20:43 - 2017-01-30 20:43 - 00001213 _____ C:\Users\Public\Desktop\Avira Connect.lnk 2017-01-29 16:31 - 2017-01-29 16:31 - 00000000 _____ C:\Users\Bernie\Documents\Report_AVIRA_170129.txt 2017-01-29 04:20 - 2017-01-29 10:58 - 00002148 _____ C:\Users\Bernie\Desktop\Entfernen des Avira PC Cleaners.lnk 2017-01-29 04:20 - 2017-01-29 10:58 - 00002092 _____ C:\Users\Bernie\Desktop\Avira PC Cleaner.lnk 2017-01-29 04:19 - 2017-01-29 04:20 - 02444208 _____ C:\Users\Bernie\Downloads\avira_pc_cleaner_de (2).exe 2017-01-28 19:42 - 2017-01-28 19:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\TempOfficeC2R21754D4B-9E21-4FED-A8AD-747FEC90C9B8 2017-01-28 02:50 - 2017-01-28 02:50 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2017-01-28 02:50 - 2017-01-28 02:50 - 00000000 ____D C:\WINDOWS\system32\NV 2017-01-28 02:48 - 2017-01-28 02:48 - 00000000 ____D C:\WINDOWS\LastGood 2017-01-28 02:47 - 2017-01-28 02:47 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 34974656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 28239928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 19008576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 14677272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 11123936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 11019192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 09308896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 08990584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 03167288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 02715072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 01985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437849.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437849.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 01051584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00988608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00960568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00909760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00048696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys 2017-01-28 02:47 - 2017-01-28 02:47 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-01-28 02:47 - 2017-01-28 02:47 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-01-26 20:35 - 2017-01-26 20:35 - 18405528 _____ (Geek Software GmbH ) C:\Users\Bernie\Downloads\pdf24-creator-8.0.4.exe 2017-01-26 20:35 - 2017-01-26 20:35 - 00001157 _____ C:\Users\Public\Desktop\PDF24.lnk 2017-01-26 20:35 - 2017-01-26 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2017-01-26 20:35 - 2017-01-26 20:35 - 00000000 ____D C:\Program Files (x86)\PDF24 2017-01-26 20:08 - 2017-01-26 20:08 - 00461088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-25 23:52 - 2017-01-25 23:52 - 00002574 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk 2017-01-25 21:42 - 2017-01-25 21:42 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2017-01-25 21:42 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-01-25 21:42 - 2017-01-25 21:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\Chromium 2017-01-25 21:42 - 2017-01-20 14:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-01-25 21:41 - 2017-01-20 19:39 - 00156608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-01-25 21:41 - 2017-01-20 19:39 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-01-25 21:41 - 2017-01-20 19:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-01-25 21:38 - 2017-01-25 21:38 - 00002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance 2017-01-25 21:31 - 2017-01-25 21:31 - 00002586 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk 2017-01-25 20:23 - 2017-01-25 20:24 - 03312432 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Bernie\Downloads\AVG_Performance_824.exe 2017-01-25 00:17 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 00:17 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-21 23:15 - 2017-01-21 23:15 - 09908776 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll 2017-01-21 23:15 - 2017-01-21 23:15 - 04349480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCRU64.exe 2017-01-21 23:14 - 2017-01-21 23:14 - 06264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 05347000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 01959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 01133584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 00378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 00362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 00310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2017-01-21 23:13 - 2017-01-21 23:13 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2017-01-21 23:13 - 2017-01-21 23:13 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 07096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 03302272 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 02050176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00678176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00574752 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll 2017-01-21 23:12 - 2017-01-21 23:12 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2017-01-21 23:12 - 2017-01-21 23:12 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2017-01-21 23:11 - 2017-01-21 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2017-01-21 23:10 - 2017-01-21 23:11 - 00001016 _____ C:\Users\Public\Desktop\Driver Easy.lnk 2017-01-21 22:46 - 2017-01-21 22:47 - 00028501 _____ C:\Users\Bernie\Downloads\FRITZ!Box_Anrufliste.csv 2017-01-21 22:16 - 2017-01-21 22:17 - 00739392 _____ (Oracle Corporation) C:\Users\Bernie\Downloads\JavaSetup8u121.exe 2017-01-19 18:57 - 2017-01-25 21:34 - 00000000 ____D C:\Users\Public\Speedup Sessions 2017-01-17 20:01 - 2017-01-17 20:01 - 08813488 _____ (Piriform Ltd) C:\Users\Bernie\Downloads\ccsetup526.exe 2017-01-15 20:20 - 2017-01-15 20:20 - 40044345 _____ C:\Users\Bernie\Downloads\cdw-inst-8-10-4a-24-r2-u01-9l.zip 2017-01-15 20:20 - 2017-01-15 20:20 - 00000000 ____D C:\ProgramData\Canon_Inc_IC 2017-01-15 02:29 - 2017-01-15 02:29 - 00734169 _____ C:\Users\Bernie\Downloads\Rössel_Kerstin_161222_Hotel_Gude.pdf 2017-01-15 02:28 - 2017-01-15 02:28 - 00750948 _____ C:\Users\Bernie\Downloads\Rössel_Kerstin_161222_Freunde3.pdf 2017-01-15 02:18 - 2017-01-15 02:18 - 00750948 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Freunde3.pdf 2017-01-15 02:18 - 2017-01-15 02:18 - 00734169 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Hotel_Gude.pdf 2017-01-15 02:17 - 2017-01-15 02:17 - 00724814 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Freunde2.pdf 2017-01-15 02:16 - 2017-01-15 02:16 - 00750200 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Familie.pdf 2017-01-15 02:16 - 2017-01-15 02:16 - 00722820 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Freunde1.pdf 2017-01-15 02:15 - 2017-01-15 02:15 - 00735785 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Bäckerei_Rössel.pdf 2017-01-13 22:08 - 2017-01-13 22:08 - 00433422 _____ C:\Users\Bernie\Documents\IMG_20170113_0001.pdf 2017-01-13 00:25 - 2017-01-13 00:25 - 00039521 _____ C:\Users\Bernie\Downloads\Abschlussauszug_2016-09-05.pdf 2017-01-13 00:24 - 2017-01-13 00:24 - 00049966 _____ C:\Users\Bernie\Downloads\Kontoauszug_201609.pdf 2017-01-11 02:07 - 2017-01-11 02:07 - 00722820 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Freunde2.pdf 2017-01-11 02:06 - 2017-01-11 02:06 - 00724814 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Freunde1.pdf 2017-01-11 02:05 - 2017-01-11 02:05 - 00750200 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Familie.pdf 2017-01-11 02:05 - 2017-01-11 02:05 - 00734169 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Hotel_Gude.pdf 2017-01-10 20:41 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-10 20:41 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-10 20:41 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-10 20:41 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-10 20:41 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-10 20:41 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-10 20:41 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-10 20:41 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-10 20:41 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-10 20:41 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-10 20:41 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-10 20:41 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-10 20:41 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-10 20:41 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-10 20:41 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-10 20:41 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-10 20:41 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-10 20:41 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-10 20:41 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-10 20:41 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-10 20:41 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-10 20:41 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-10 20:41 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-10 20:41 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-10 20:41 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-10 20:41 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-10 20:41 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-10 20:41 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-10 20:41 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-10 20:41 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-10 20:41 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-10 20:41 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-10 20:41 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-10 20:41 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-10 20:41 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-10 20:41 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-10 20:41 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-10 20:41 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-10 20:41 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-10 20:41 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-10 20:41 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-10 20:41 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-10 20:41 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-10 20:41 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-10 20:41 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-10 20:41 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-10 20:41 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-10 20:41 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-10 20:41 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-10 20:41 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-10 20:41 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-10 20:41 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-10 20:41 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-10 20:41 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-10 20:41 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-10 20:41 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-10 20:41 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-10 20:41 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-10 20:41 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-10 20:41 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-10 20:41 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-10 20:41 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-10 20:41 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-10 20:41 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-10 20:41 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-10 20:41 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-10 20:41 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-10 20:41 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-10 20:41 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-10 20:41 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-10 20:41 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-10 20:41 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-10 20:41 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-10 20:41 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-10 20:41 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-10 20:41 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-10 20:41 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-10 20:41 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-10 20:41 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-10 20:41 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-10 20:41 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-10 20:41 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-10 20:41 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-10 20:41 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-10 20:41 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-10 20:41 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-10 20:41 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-10 20:41 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-10 20:41 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-10 20:41 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-10 20:41 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-10 20:41 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-10 20:41 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-10 20:41 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-10 20:41 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-10 20:41 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-10 20:41 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-10 20:41 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 20:41 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-10 20:41 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-10 20:41 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-10 20:41 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-10 20:41 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-10 20:41 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-10 20:41 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-10 20:41 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-10 20:41 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-10 20:41 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-10 20:41 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-10 20:41 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-10 20:41 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-10 20:41 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-10 20:41 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-10 20:41 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-10 20:41 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-10 20:41 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-10 20:41 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-10 20:41 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-10 20:41 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-10 20:41 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-10 20:41 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-10 20:41 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-10 20:41 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-07 16:21 - 2017-01-07 16:21 - 00009745 _____ C:\Users\Bernie\Desktop\Einkaufszettel.xlsx 2017-01-06 23:05 - 2017-01-06 23:05 - 00458427 _____ C:\Users\Bernie\Documents\IMG_20170106_0001.pdf 2017-01-05 17:19 - 2017-01-05 17:19 - 00066279 _____ C:\Users\Bernie\Downloads\1000225283_Mitteilung_2017_.pdf 2017-01-03 01:50 - 2017-01-03 01:50 - 00000000 ____D C:\Users\Marion\AppData\Local\CEF ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-02 20:49 - 2016-08-07 04:42 - 00055783 _____ C:\Users\Bernie\Downloads\FRST.txt 2017-02-02 20:48 - 2015-07-02 17:51 - 00000000 ____D C:\FRST 2017-02-02 20:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-02 20:21 - 2015-06-30 19:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-02 18:31 - 2015-12-21 22:54 - 00000000 ____D C:\Users\Bernie\AppData\Local\Waow 2017-02-02 18:28 - 2016-09-01 00:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-02 17:18 - 2016-09-01 00:46 - 09424164 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-02-02 17:18 - 2016-07-16 23:51 - 04782202 _____ C:\WINDOWS\system32\perfh007.dat 2017-02-02 17:18 - 2016-07-16 23:51 - 01297708 _____ C:\WINDOWS\system32\perfc007.dat 2017-02-02 17:18 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-02 17:17 - 2016-09-01 00:44 - 00000000 ____D C:\ProgramData\NVIDIA 2017-02-02 17:13 - 2013-04-04 22:20 - 00000000 ____D C:\Users\Bernie\Documents\Outlook-Dateien 2017-02-02 17:12 - 2016-09-01 01:00 - 01097728 ____H C:\Users\Public\Documents\bootracer.his 2017-02-02 17:12 - 2016-09-01 01:00 - 00000494 ____H C:\Users\Public\Documents\bootracer.ini 2017-02-02 17:12 - 2016-01-06 00:02 - 00000000 ____D C:\ProgramData\BootRacer 2017-02-02 17:10 - 2016-09-01 01:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-02 17:10 - 2016-01-05 23:19 - 00000000 ____D C:\Program Files (x86)\BootRacer 2017-02-02 08:05 - 2016-07-16 07:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI 2017-02-02 00:01 - 2012-10-13 15:04 - 00000000 ____D C:\ProgramData\tmp 2017-02-01 23:06 - 2016-10-03 01:35 - 00000000 ____D C:\Users\Bernie\AppData\Local\Hisuite 2017-02-01 23:05 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-02-01 21:58 - 2016-09-20 20:25 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task 2017-02-01 19:14 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-02-01 19:12 - 2011-07-18 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-02-01 01:07 - 2014-06-26 20:14 - 00000000 ____D C:\ProgramData\CanonIJPLM 2017-01-31 20:13 - 2016-09-01 00:46 - 00000000 ____D C:\Users\Bernie 2017-01-31 20:13 - 2015-05-26 23:18 - 00001306 _____ C:\Users\Public\Desktop\ElsterFormular.lnk 2017-01-31 20:13 - 2015-05-26 23:18 - 00000000 ____D C:\Program Files (x86)\ElsterFormular 2017-01-31 20:13 - 2012-04-24 23:17 - 00000000 ____D C:\ProgramData\elsterformular 2017-01-30 20:43 - 2015-06-21 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-01-30 20:43 - 2013-05-18 01:39 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-29 11:24 - 2013-03-01 22:06 - 00000000 ____D C:\Bilder 2017-01-29 01:54 - 2014-03-15 08:32 - 00000000 ____D C:\Users\Bernie\AppData\LocalLow\Adblock Plus for IE 2017-01-29 01:41 - 2016-09-01 00:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-01-28 02:49 - 2016-09-01 00:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-01-28 02:48 - 2016-09-01 00:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-01-28 02:47 - 2016-10-02 03:00 - 03597640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-01-28 02:47 - 2016-07-01 23:10 - 04079032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-01-28 02:47 - 2016-07-01 23:10 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb 2017-01-27 23:45 - 2016-11-16 16:02 - 00000000 ____D C:\Users\Bernie\AppData\LocalLow\Mozilla 2017-01-27 23:35 - 2016-11-16 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-27 23:35 - 2015-07-05 06:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-26 20:08 - 2016-04-16 12:14 - 00000300 _____ C:\WINDOWS\Tasks\AbelssoftPreloader.job 2017-01-25 22:57 - 2016-10-31 22:30 - 00003044 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 22:57 - 2016-10-31 22:30 - 00002804 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 22:57 - 2016-09-01 01:07 - 00002232 _____ C:\WINDOWS\System32\Tasks\AbelssoftPreloader 2017-01-25 22:55 - 2016-12-25 00:52 - 00002830 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-01-25 21:42 - 2016-10-31 22:31 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-01-25 21:42 - 2016-10-31 22:30 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2016-10-31 22:30 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2016-10-31 22:30 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2016-10-31 22:30 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2015-02-01 04:58 - 00000000 ____D C:\Users\Bernie\AppData\Local\NVIDIA Corporation 2017-01-25 21:42 - 2015-01-31 23:25 - 00000000 ____D C:\Users\Bernie\AppData\Local\NVIDIA 2017-01-25 21:32 - 2016-04-30 21:48 - 00000428 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job 2017-01-25 21:32 - 2015-11-06 00:43 - 00000000 ____D C:\AllShare 2017-01-25 21:32 - 2014-01-15 23:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-01-25 21:31 - 2014-08-20 11:09 - 00000000 ____D C:\Users\Bernie\AppData\Roaming\AVG 2017-01-25 21:31 - 2014-08-20 10:26 - 00000000 ____D C:\Users\Bernie\AppData\Local\AvgSetupLog 2017-01-25 01:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-22 02:23 - 2015-07-15 22:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-21 23:15 - 2016-09-01 00:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-01-21 23:15 - 2016-04-30 22:02 - 00101928 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll 2017-01-21 23:15 - 2016-04-30 22:01 - 00436224 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys 2017-01-21 23:14 - 2016-09-01 00:44 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-01-21 23:14 - 2016-09-01 00:44 - 00000000 ____D C:\WINDOWS\system32\DAX2 2017-01-21 23:13 - 2016-11-01 22:53 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2017-01-21 23:13 - 2016-11-01 22:53 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2017-01-21 23:13 - 2016-11-01 22:53 - 00151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2017-01-21 23:13 - 2016-07-01 22:30 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2017-01-21 23:12 - 2016-07-01 22:30 - 05545472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2017-01-21 23:10 - 2016-04-30 21:50 - 00000000 ____D C:\Program Files\Easeware 2017-01-21 22:46 - 2016-07-16 00:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\CrashDumps 2017-01-21 22:18 - 2016-04-20 20:13 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-01-21 22:18 - 2013-10-16 22:16 - 00000000 ____D C:\ProgramData\Oracle 2017-01-21 22:18 - 2013-10-16 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-21 22:18 - 2013-09-02 22:40 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-20 19:39 - 2016-07-01 23:14 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-01-20 19:39 - 2016-06-01 22:02 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2017-01-20 19:39 - 2015-02-01 04:58 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-01-20 19:39 - 2015-02-01 04:58 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-01-20 19:39 - 2015-02-01 04:58 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-01-20 19:39 - 2015-02-01 04:58 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 06401984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 02479160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-01-20 15:04 - 2016-10-31 22:30 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-01-20 00:58 - 2016-10-20 19:31 - 00001117 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk 2017-01-19 18:57 - 2016-11-30 19:44 - 00001220 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk 2017-01-19 18:57 - 2015-06-21 13:50 - 00000000 ____D C:\Program Files (x86)\Avira 2017-01-18 13:57 - 2016-09-01 00:44 - 07755067 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-01-17 20:01 - 2015-04-26 22:49 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-01-15 20:21 - 2012-04-25 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2017-01-15 20:21 - 2012-04-25 00:05 - 00000000 ____D C:\Program Files (x86)\Canon 2017-01-15 20:20 - 2012-04-28 21:27 - 00000000 ____D C:\Users\Bernie\AppData\Roaming\Canon 2017-01-15 01:17 - 2016-02-13 18:30 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-13 20:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-12 23:00 - 2016-09-01 01:07 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-11 23:34 - 2014-08-14 09:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\Adobe 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-11 01:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-11 01:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-10 21:00 - 2013-07-09 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-10 20:56 - 2011-07-18 21:31 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-10 20:38 - 2016-09-01 00:46 - 00000000 ____D C:\Users\Netzzugang 2017-01-09 16:43 - 2016-02-09 00:18 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe 2017-01-04 19:35 - 2015-12-23 03:23 - 00000000 ____D C:\Users\Bernie\AppData\Local\Packages 2017-01-03 02:04 - 2016-11-01 18:50 - 00000000 ____D C:\Users\Marion\AppData\Local\CrashDumps 2017-01-03 01:50 - 2016-05-06 13:07 - 00002429 _____ C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-01-03 01:50 - 2016-05-06 13:07 - 00000000 ___RD C:\Users\Marion\OneDrive 2017-01-03 01:50 - 2015-04-23 14:42 - 00000000 ____D C:\Users\Marion\AppData\Local\NVIDIA Corporation 2017-01-03 01:49 - 2016-11-01 18:50 - 00000000 ____D C:\Users\Marion\AppData\Roaming\Skype ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2007-03-12 17:59 - 2007-03-12 17:59 - 0299008 _____ () C:\Program Files (x86)\navigram_register.exe 2015-06-19 13:53 - 2015-06-19 13:53 - 0000000 _____ () C:\Users\Bernie\AppData\Roaming\gdfw.log 2015-06-19 13:52 - 2015-06-21 20:34 - 0001558 _____ () C:\Users\Bernie\AppData\Roaming\gdscan.log 2014-01-21 21:51 - 2014-01-21 21:51 - 0000005 _____ () C:\Users\Bernie\AppData\Roaming\mbam.context.scan 2012-04-24 19:57 - 2012-04-24 19:57 - 0017408 _____ () C:\Users\Bernie\AppData\Local\WebpageIcons.db 2012-07-13 06:38 - 2012-07-13 06:38 - 0000438 _____ () C:\Users\Bernie\AppData\Local\WiDiLog.20120713.073831.txt 2012-07-12 22:43 - 2012-07-12 22:44 - 0008272 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20120712.234319.txt 2012-07-12 22:45 - 2012-07-12 23:00 - 2537984 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20120712.234543.txt 2012-07-13 06:33 - 2012-07-13 06:41 - 0037411 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20120713.073326.txt 2013-05-18 01:49 - 2013-05-18 01:51 - 0050794 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20130518.024955.wdl 2013-05-18 02:18 - 2013-05-18 02:18 - 0045509 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20130518.031824.wdl 2013-10-08 00:15 - 2013-10-08 00:15 - 0047821 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131008.011509.wdl 2013-10-08 00:15 - 2013-10-08 00:23 - 0054969 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131008.011554.wdl 2013-10-21 22:55 - 2013-10-21 22:56 - 0027977 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131021.235519.txt 2013-11-10 03:20 - 2013-11-10 03:22 - 0044448 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131110.032011.wdl 2014-02-10 20:15 - 2014-02-10 20:18 - 0039885 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20140210.201548.wdl 2014-05-21 15:54 - 2014-05-21 15:56 - 0058791 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20140521.165419.wdl 2015-09-06 02:25 - 2015-09-06 02:26 - 0053997 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20150906.032549.wdl 2012-04-19 13:23 - 2012-04-19 13:23 - 0000000 _____ () C:\Users\Bernie\AppData\Local\{EAAC66D5-D0D9-401E-BBD1-552FBB746C9E} 2016-09-01 00:45 - 2016-09-01 00:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Sicherung\psa201se_DLM_ger_full.exe C:\Users\Sicherung\psa201se_ger.exe C:\Users\Sicherung\setupSNK.exe C:\Users\Sicherung\usbadapter54_V100014_ger.exe Einige Dateien in TEMP: ==================== 2016-09-12 18:39 - 2016-09-12 18:39 - 0000000 ____D () C:\Users\Netzzugang\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-01-30 22:08 ==================== Ende von FRST.txt ============================ Code:
ATTFilter # AdwCleaner v6.043 - Bericht erstellt am 02/02/2017 um 22:47:50
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-02.2 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Bernie - BERNIE-PC
# Gestartet von : C:\Users\Bernie\Downloads\AdwCleaner_6.043.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Keine schädlichen Dienste gefunden.
***** [ Ordner ] *****
Ordner Gefunden: C:\Users\Bernie\AppData\Local\eSupport.com
Ordner Gefunden: C:\ProgramData\ICQ\ICQNewTab
***** [ Dateien ] *****
Datei Gefunden: C:\Users\Bernie\NTUSER.POL
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Keine schädlichen Aufgaben gefunden.
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Wert Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gefunden: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\ICQ\ICQToolbar
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Myfree Codec
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\ICQ\ICQToolbar
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Myfree Codec
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001\Software\eSupport.com
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001\Software\Mail.Ru
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001\Software\AppDataLow\Software\Mail.Ru
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4122516966-2855662277-179015761-1001\Software\mysearchdial
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4122516966-2855662277-179015761-1001\Software\Web Assistant
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4122516966-2855662277-179015761-1001\Software\WNLT
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\eSupport.com
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Mail.Ru
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Mail.Ru
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\eSupport.com
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Mail.Ru
Schlüssel Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AppDataLow\Software\Mail.Ru
Schlüssel Gefunden: HKCU\Software\eSupport.com
Schlüssel Gefunden: HKCU\Software\Mail.Ru
Schlüssel Gefunden: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant
Schlüssel Gefunden: HKCU\Software\AppDataLow\Software\Mail.Ru
Schlüssel Gefunden: HKLM\SOFTWARE\Mail.Ru
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4122516966-2855662277-179015761-1001\Software\mysearchdial
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4122516966-2855662277-179015761-1001\Software\Web Assistant
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4122516966-2855662277-179015761-1001\Software\WNLT
Schlüssel Gefunden: [x64] HKCU\Software\eSupport.com
Schlüssel Gefunden: [x64] HKCU\Software\Mail.Ru
Schlüssel Gefunden: [x64] HKCU\Software\AppDataLow\Software\Mail.Ru
Wert Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Wert Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Wert Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Wert Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Wert Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Wert Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Wert Gefunden: HKU\S-1-5-21-4122516966-2855662277-179015761-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Wert Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Wert Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
***** [ Internetbrowser ] *****
Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [6233 Bytes] - [02/02/2017 22:47:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6306 Bytes] ##########
|
|
05.02.2017, 23:01
| #4 | |
| Ruhe in Frieden † 2019 | Meldung von Malwarebytes Anti-Malware Hallo, Zitat:
 Dann brauche ich jetzt ein aktuelles FRST samt Addition.txt. Schritt 1 Starte noch einmal FRST.
|
|
06.02.2017, 22:46
| #5 |
| | Meldung von Malwarebytes Anti-Malware Hallo Sandra, danke für die Antwort. Wie du aus dem Datum des FRST-Log files vom 02.02. sehen kannst, habe ich den Suchlauf lange vor deiner Begrüßung durchgeführt und ICQ auch schon vorher gelöscht. Aber ab jetzt nur noch auf Anweisung. Die addition.txt kommt mit der nächsten Antwort. Gruß Bernd Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017 durchgeführt von Bernie (Administrator) auf BERNIE-PC (06-02-2017 22:42:15) Gestartet von C:\Users\Bernie\Downloads Geladene Profile: Bernie (Verfügbare Profile: UpdatusUser & Bernie & Marion & Netzzugang & DefaultAppPool) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Greatis Software, LLC) C:\Program Files (x86)\BootRacer\BootRacerServ.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe (1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe () C:\Windows\System32\FspService.exe (AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe () C:\Program Files (x86)\Waow\Waow.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft) C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6348104 2016-10-02] (Sentelic Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-21] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-21] (Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2011-08-06] (Wistron) HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [447016 2011-08-13] (Wistron Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.) HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2011-08-06] (Wistron Corp.) HKLM-x32\...\Run: [WheelMouse] => C:\Advanced Wheel Mouse\wh_exec.exe [147456 2010-05-26] () HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2356080 2016-07-21] (1und1 Mail und Media GmbH) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [25744 2017-01-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.) HKLM-x32\...\Run: [Avira System Speedup Tray] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [160936 2017-01-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\Bootrace.exe [3901200 2015-03-24] (Greatis Software) HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd) HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {39b48fd1-88b0-11e6-9f32-00262dcbe4ff} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {39b49153-88b0-11e6-9f32-00262dcbe4ff} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {39b491d3-88b0-11e6-9f32-00262dcbe4ff} - "K:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {6b52b450-aa08-11e4-a69b-806e6f6e6963} - "E:\zdata\cobi.exe" HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinitx.dll [209744 2017-01-28] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinit.dll [181088 2017-01-28] (NVIDIA Corporation) IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\allshare.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\avira.systemspeedup.core.common.starter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\avira.webapphost.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\avira_system_speedup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\cnmnsst.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\cnqmmain.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\hilfepica.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\hotlinetool.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\installationsverwaltung.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\integritaetspruefer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\pdvdlaunchpolicy.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\pica.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\washandgo.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\web.de_mailcheck_suche.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\web.de_sichere_websuche.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-01] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-09-14] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\Bernie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-25] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) Startup: C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-25] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) Startup: C:\Users\Netzzugang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-25] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) GroupPolicy\User: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{0802e8cb-305b-40e5-9dcf-1b29a0dd2675}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{9a63d425-06b5-45ee-bf88-f78bc8dca242}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-4122516966-2855662277-179015761-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-4122516966-2855662277-179015761-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://web.de/ SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {463C7A9C-C00A-46DC-9011-CCAEB26B7C19} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {6DA8BE5A-C0F9-4980-9795-9D8FE29A63D6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {74A6A8F3-1E04-4951-A063-4EC002C06D8B} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {8CF39975-1B44-40BE-84A0-DDD4F30AFC3D} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) BHO: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll [2012-12-11] (AVM Berlin) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation) BHO-x32: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> Kein Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Keine Datei DPF: HKLM {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://www.bad-wildbad.de/downloads/webcam/AMC.cab DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v1111/Navigram.cab DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-07-05] (Skype Technologies S.A.) Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> hxxp://web.de/ FireFox: ======== FF ProfilePath: C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\ygzxf502.default-1436072606451 [2017-02-06] FF NetworkProxy: Mozilla\Firefox\Profiles\ygzxf502.default-1436072606451 -> type", 0 FF Extension: (Anti-Banner) - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2016-11-16] [ist nicht signiert] FF Extension: (Modul zur Link-Untersuchung) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-11-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: (Mehr Leistung und Videoformate für dein HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-13] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google) FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll [2014-05-14] (INNOVA-engineering GmbH Dresden) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-29] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4122516966-2855662277-179015761-1001: SkypePlugin -> C:\Users\Bernie\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi.dll [2015-12-08] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-4122516966-2855662277-179015761-1001: SkypePlugin64 -> C:\Users\Bernie\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi-x64.dll [2015-12-08] (Skype Technologies S.A.) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-04-10] <==== ACHTUNG Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-13] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-13] (Avira Operations GmbH & Co. KG) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG) S4 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [300344 2017-01-18] (Avira Operations GmbH & Co. KG) S4 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin) R2 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [65296 2014-04-30] (Greatis Software, LLC) R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation) S4 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3697352 2017-01-29] (Microsoft Corporation) S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) S4 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-01-23] () R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] () R2 FspSvc; C:\Windows\System32\FspService.exe [2178888 2016-10-02] () S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-01-30] (SurfRight B.V.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] () [Datei ist nicht signiert] S4 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [131312 2015-03-20] (Intel Corporation) R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] () S2 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-01-20] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation) S4 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2015-03-18] (Copyright 2013 SAMSUNG) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S4 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35304 2017-01-11] (Avira Operations GmbH & Co. KG) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.) S2 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2011-08-06] (Wistron Corp.) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe [415232 2016-08-09] (Wondershare) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-13] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-13] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-01-08] (Avira Operations GmbH & Co. KG) R3 avmaudio; C:\WINDOWS\System32\drivers\avmaudio.sys [116096 2012-04-25] (AVM Berlin) R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2012-12-23] (AVM Berlin) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-24] (Avira Operations GmbH & Co. KG) S3 btmhsf; C:\WINDOWS\System32\DRIVERS\btmhsf.sys [327168 2011-11-15] (Intel Corporation) [Datei ist nicht signiert] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 fspad_win764; C:\WINDOWS\system32\DRIVERS\fspad_win764.sys [209736 2016-10-02] (Sentelic Corporation) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-06-21] (G Data Software AG) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-04-02] () R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-09-05] (REALiX(tm)) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.) S3 iBtFltCoex; C:\WINDOWS\System32\DRIVERS\iBtFltCoex.sys [60416 2011-12-09] (Intel Corporation) [Datei ist nicht signiert] S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [165504 2012-03-03] (ITE ) R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-06] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvlddmkm.sys [14427064 2017-01-28] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [436224 2017-01-21] (Realsil Semiconductor Corporation) R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] () S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-19] (Texas Instruments, Inc.) S3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-19] (Texas Instruments, Inc.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-01-09] (AVG Netherlands B.V.) R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [204184 2014-03-04] (Windows (R) Win 7 DDK provider) R1 usedisk; C:\WINDOWS\System32\DRIVERS\usedisk.sys [29208 2014-02-23] (Gili Soft INC.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 cpuz139; \??\C:\Users\Bernie\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X] <==== ACHTUNG S3 cpuz140; \??\C:\Users\Bernie\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ACHTUNG U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-06 22:42 - 2017-02-06 22:42 - 00040319 _____ C:\Users\Bernie\Downloads\FRST.txt 2017-02-06 22:00 - 2017-02-06 22:00 - 00000000 ____D C:\Users\Bernie\Downloads\FRST-OlderVersion 2017-02-03 22:25 - 2017-02-03 22:25 - 08813488 _____ (Piriform Ltd) C:\Users\Bernie\Downloads\ccsetup526.exe 2017-02-03 22:10 - 2017-02-03 22:10 - 04015056 _____ C:\Users\Netzzugang\Downloads\adwcleaner_6.043.exe 2017-02-03 21:58 - 2017-02-03 21:59 - 00000000 ____D C:\Users\Netzzugang\AppData\Local\Waow 2017-02-03 14:02 - 2017-02-03 15:06 - 00000000 ____D C:\Users\Bernie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2017-02-03 10:43 - 2017-02-03 10:44 - 00744104 _____ C:\Users\Bernie\Documents\IMG_20170203_0001.pdf 2017-02-02 22:40 - 2017-02-05 21:21 - 00000000 ____D C:\AdwCleaner 2017-02-02 22:38 - 2017-02-02 22:38 - 04015056 _____ C:\Users\Bernie\Downloads\AdwCleaner_6.043.exe 2017-02-02 20:47 - 2017-02-06 22:00 - 02421248 _____ (Farbar) C:\Users\Bernie\Downloads\FRST64.exe 2017-02-01 23:06 - 2017-02-01 23:06 - 00001064 _____ C:\Users\Public\Desktop\HiSuite.lnk 2017-02-01 23:06 - 2017-02-01 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2017-02-01 23:05 - 2017-02-01 23:06 - 00000000 ____D C:\Program Files (x86)\HiSuite 2017-01-31 20:13 - 2017-01-31 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2017-01-31 20:13 - 2017-01-31 20:13 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service 2017-01-30 20:43 - 2017-01-30 20:43 - 00001213 _____ C:\Users\Public\Desktop\Avira Connect.lnk 2017-01-29 16:31 - 2017-01-29 16:31 - 00000000 _____ C:\Users\Bernie\Documents\Report_AVIRA_170129.txt 2017-01-29 04:19 - 2017-01-29 04:20 - 02444208 _____ C:\Users\Bernie\Downloads\avira_pc_cleaner_de (2).exe 2017-01-28 19:42 - 2017-01-28 19:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\TempOfficeC2R21754D4B-9E21-4FED-A8AD-747FEC90C9B8 2017-01-28 02:50 - 2017-01-28 02:50 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2017-01-28 02:50 - 2017-01-28 02:50 - 00000000 ____D C:\WINDOWS\system32\NV 2017-01-28 02:48 - 2017-01-28 02:48 - 00000000 ____D C:\WINDOWS\LastGood 2017-01-28 02:47 - 2017-01-28 02:47 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 34974656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 28239928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 19008576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 14677272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 11123936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 11019192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 09308896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 08990584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 03167288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 02715072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 01985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437849.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437849.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 01051584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00988608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00960568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00909760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00048696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys 2017-01-28 02:47 - 2017-01-28 02:47 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-01-28 02:47 - 2017-01-28 02:47 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-01-26 20:35 - 2017-01-26 20:35 - 18405528 _____ (Geek Software GmbH ) C:\Users\Bernie\Downloads\pdf24-creator-8.0.4.exe 2017-01-26 20:35 - 2017-01-26 20:35 - 00001157 _____ C:\Users\Public\Desktop\PDF24.lnk 2017-01-26 20:35 - 2017-01-26 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2017-01-26 20:35 - 2017-01-26 20:35 - 00000000 ____D C:\Program Files (x86)\PDF24 2017-01-26 20:08 - 2017-01-26 20:08 - 00461088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-25 23:52 - 2017-01-25 23:52 - 00002574 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk 2017-01-25 21:42 - 2017-01-25 21:42 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2017-01-25 21:42 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-01-25 21:42 - 2017-01-25 21:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\Chromium 2017-01-25 21:42 - 2017-01-20 14:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-01-25 21:41 - 2017-01-20 19:39 - 00156608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-01-25 21:41 - 2017-01-20 19:39 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-01-25 21:41 - 2017-01-20 19:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-01-25 21:38 - 2017-01-25 21:38 - 00002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance 2017-01-25 21:31 - 2017-01-25 21:31 - 00002586 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk 2017-01-25 20:23 - 2017-01-25 20:24 - 03312432 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Bernie\Downloads\AVG_Performance_824.exe 2017-01-25 00:17 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 00:17 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-21 23:15 - 2017-01-21 23:15 - 09908776 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll 2017-01-21 23:15 - 2017-01-21 23:15 - 04349480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCRU64.exe 2017-01-21 23:14 - 2017-01-21 23:14 - 06264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 05347000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 01959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 01133584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 00378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 00362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 00310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2017-01-21 23:13 - 2017-01-21 23:13 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2017-01-21 23:13 - 2017-01-21 23:13 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 07096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 03302272 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 02050176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00678176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00574752 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll 2017-01-21 23:12 - 2017-01-21 23:12 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2017-01-21 23:12 - 2017-01-21 23:12 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2017-01-21 23:11 - 2017-01-21 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2017-01-21 23:10 - 2017-01-21 23:11 - 00001016 _____ C:\Users\Public\Desktop\Driver Easy.lnk 2017-01-21 22:16 - 2017-01-21 22:17 - 00739392 _____ (Oracle Corporation) C:\Users\Bernie\Downloads\JavaSetup8u121.exe 2017-01-19 18:57 - 2017-01-25 21:34 - 00000000 ____D C:\Users\Public\Speedup Sessions 2017-01-15 20:20 - 2017-01-15 20:20 - 40044345 _____ C:\Users\Bernie\Downloads\cdw-inst-8-10-4a-24-r2-u01-9l.zip 2017-01-15 20:20 - 2017-01-15 20:20 - 00000000 ____D C:\ProgramData\Canon_Inc_IC 2017-01-15 02:18 - 2017-01-15 02:18 - 00750948 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Freunde3.pdf 2017-01-15 02:18 - 2017-01-15 02:18 - 00734169 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Hotel_Gude.pdf 2017-01-15 02:17 - 2017-01-15 02:17 - 00724814 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Freunde2.pdf 2017-01-15 02:16 - 2017-01-15 02:16 - 00750200 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Familie.pdf 2017-01-15 02:16 - 2017-01-15 02:16 - 00722820 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Freunde1.pdf 2017-01-15 02:15 - 2017-01-15 02:15 - 00735785 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Bäckerei_Rössel.pdf 2017-01-13 22:08 - 2017-01-13 22:08 - 00433422 _____ C:\Users\Bernie\Documents\IMG_20170113_0001.pdf 2017-01-11 02:07 - 2017-01-11 02:07 - 00722820 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Freunde2.pdf 2017-01-11 02:06 - 2017-01-11 02:06 - 00724814 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Freunde1.pdf 2017-01-11 02:05 - 2017-01-11 02:05 - 00750200 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Familie.pdf 2017-01-11 02:05 - 2017-01-11 02:05 - 00734169 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Hotel_Gude.pdf 2017-01-10 20:41 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-10 20:41 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-10 20:41 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-10 20:41 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-10 20:41 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-10 20:41 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-10 20:41 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-10 20:41 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-10 20:41 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-10 20:41 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-10 20:41 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-10 20:41 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-10 20:41 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-10 20:41 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-10 20:41 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-10 20:41 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-10 20:41 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-10 20:41 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-10 20:41 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-10 20:41 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-10 20:41 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-10 20:41 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-10 20:41 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-10 20:41 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-10 20:41 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-10 20:41 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-10 20:41 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-10 20:41 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-10 20:41 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-10 20:41 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-10 20:41 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-10 20:41 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-10 20:41 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-10 20:41 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-10 20:41 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-10 20:41 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-10 20:41 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-10 20:41 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-10 20:41 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-10 20:41 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-10 20:41 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-10 20:41 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-10 20:41 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-10 20:41 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-10 20:41 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-10 20:41 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-10 20:41 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-10 20:41 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-10 20:41 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-10 20:41 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-10 20:41 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-10 20:41 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-10 20:41 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-10 20:41 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-10 20:41 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-10 20:41 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-10 20:41 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-10 20:41 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-10 20:41 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-10 20:41 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-10 20:41 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-10 20:41 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-10 20:41 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-10 20:41 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-10 20:41 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-10 20:41 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-10 20:41 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-10 20:41 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-10 20:41 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-10 20:41 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-10 20:41 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-10 20:41 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-10 20:41 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-10 20:41 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-10 20:41 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-10 20:41 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-10 20:41 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-10 20:41 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-10 20:41 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-10 20:41 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-10 20:41 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-10 20:41 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-10 20:41 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-10 20:41 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-10 20:41 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-10 20:41 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-10 20:41 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-10 20:41 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-10 20:41 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-10 20:41 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-10 20:41 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-10 20:41 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-10 20:41 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-10 20:41 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-10 20:41 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-10 20:41 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-10 20:41 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-10 20:41 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 20:41 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-10 20:41 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-10 20:41 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-10 20:41 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-10 20:41 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-10 20:41 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-10 20:41 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-10 20:41 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-10 20:41 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-10 20:41 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-10 20:41 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-10 20:41 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-10 20:41 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-10 20:41 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-10 20:41 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-10 20:41 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-10 20:41 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-10 20:41 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-10 20:41 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-10 20:41 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-10 20:41 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-10 20:41 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-10 20:41 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-10 20:41 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-10 20:41 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-07 16:21 - 2017-01-07 16:21 - 00009745 _____ C:\Users\Bernie\Desktop\Einkaufszettel.xlsx ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-06 22:42 - 2015-07-02 17:51 - 00000000 ____D C:\FRST 2017-02-06 22:17 - 2015-06-30 19:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-06 22:06 - 2016-08-07 04:43 - 00077524 _____ C:\Users\Bernie\Downloads\Addition.txt 2017-02-06 22:01 - 2015-12-21 22:54 - 00000000 ____D C:\Users\Bernie\AppData\Local\Waow 2017-02-06 20:51 - 2013-04-04 22:20 - 00000000 ____D C:\Users\Bernie\Documents\Outlook-Dateien 2017-02-06 20:34 - 2016-09-20 20:25 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task 2017-02-06 19:34 - 2016-09-01 00:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-06 17:30 - 2016-09-01 00:44 - 00000000 ____D C:\ProgramData\NVIDIA 2017-02-06 17:28 - 2016-09-01 00:46 - 09766594 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-02-06 17:28 - 2016-07-16 23:51 - 04968564 _____ C:\WINDOWS\system32\perfh007.dat 2017-02-06 17:28 - 2016-07-16 23:51 - 01349804 _____ C:\WINDOWS\system32\perfc007.dat 2017-02-06 17:28 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-06 17:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-06 17:24 - 2016-09-01 01:00 - 01146880 ____H C:\Users\Public\Documents\bootracer.his 2017-02-06 17:24 - 2016-09-01 01:00 - 00000496 ____H C:\Users\Public\Documents\bootracer.ini 2017-02-06 17:24 - 2016-01-06 00:02 - 00000000 ____D C:\ProgramData\BootRacer 2017-02-06 17:21 - 2016-09-01 01:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-06 17:21 - 2016-01-05 23:19 - 00000000 ____D C:\Program Files (x86)\BootRacer 2017-02-06 01:17 - 2016-07-16 07:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI 2017-02-05 21:22 - 2016-07-16 00:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\CrashDumps 2017-02-04 08:55 - 2014-06-26 20:14 - 00000000 ____D C:\ProgramData\CanonIJPLM 2017-02-03 22:26 - 2015-04-26 22:49 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-02-03 21:10 - 2016-12-25 00:52 - 00003288 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-02-03 21:10 - 2015-12-24 00:30 - 00002441 _____ C:\Users\Netzzugang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-02-03 21:10 - 2015-12-24 00:30 - 00000000 ___RD C:\Users\Netzzugang\OneDrive 2017-02-03 04:27 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-02-03 04:25 - 2011-07-18 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-02-03 01:58 - 2015-12-23 03:23 - 00000000 ____D C:\Users\Bernie\AppData\Local\Packages 2017-02-02 23:00 - 2016-09-01 00:46 - 00000000 ____D C:\Users\Bernie 2017-02-02 23:00 - 2012-04-28 16:55 - 00000000 ____D C:\ProgramData\ICQ 2017-02-02 00:01 - 2012-10-13 15:04 - 00000000 ____D C:\ProgramData\tmp 2017-02-01 23:06 - 2016-10-03 01:35 - 00000000 ____D C:\Users\Bernie\AppData\Local\Hisuite 2017-02-01 23:05 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-31 20:13 - 2015-05-26 23:18 - 00001306 _____ C:\Users\Public\Desktop\ElsterFormular.lnk 2017-01-31 20:13 - 2015-05-26 23:18 - 00000000 ____D C:\Program Files (x86)\ElsterFormular 2017-01-31 20:13 - 2012-04-24 23:17 - 00000000 ____D C:\ProgramData\elsterformular 2017-01-30 20:43 - 2015-06-21 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-01-30 20:43 - 2013-05-18 01:39 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-29 11:24 - 2013-03-01 22:06 - 00000000 ____D C:\Bilder 2017-01-29 01:54 - 2014-03-15 08:32 - 00000000 ____D C:\Users\Bernie\AppData\LocalLow\Adblock Plus for IE 2017-01-29 01:41 - 2016-09-01 00:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-01-28 02:49 - 2016-09-01 00:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-01-28 02:48 - 2016-09-01 00:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-01-28 02:47 - 2016-10-02 03:00 - 03597640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-01-28 02:47 - 2016-07-01 23:10 - 04079032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-01-28 02:47 - 2016-07-01 23:10 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb 2017-01-27 23:45 - 2016-11-16 16:02 - 00000000 ____D C:\Users\Bernie\AppData\LocalLow\Mozilla 2017-01-27 23:35 - 2016-11-16 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-27 23:35 - 2015-07-05 06:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-26 20:08 - 2016-04-16 12:14 - 00000300 _____ C:\WINDOWS\Tasks\AbelssoftPreloader.job 2017-01-25 22:57 - 2016-10-31 22:30 - 00003044 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 22:57 - 2016-10-31 22:30 - 00002804 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 22:57 - 2016-09-01 01:07 - 00002232 _____ C:\WINDOWS\System32\Tasks\AbelssoftPreloader 2017-01-25 21:42 - 2016-10-31 22:31 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-01-25 21:42 - 2016-10-31 22:30 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2016-10-31 22:30 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2016-10-31 22:30 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2016-10-31 22:30 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2015-02-01 04:58 - 00000000 ____D C:\Users\Bernie\AppData\Local\NVIDIA Corporation 2017-01-25 21:42 - 2015-01-31 23:25 - 00000000 ____D C:\Users\Bernie\AppData\Local\NVIDIA 2017-01-25 21:32 - 2016-04-30 21:48 - 00000428 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job 2017-01-25 21:32 - 2015-11-06 00:43 - 00000000 ____D C:\AllShare 2017-01-25 21:32 - 2014-01-15 23:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-01-25 21:31 - 2014-08-20 11:09 - 00000000 ____D C:\Users\Bernie\AppData\Roaming\AVG 2017-01-25 21:31 - 2014-08-20 10:26 - 00000000 ____D C:\Users\Bernie\AppData\Local\AvgSetupLog 2017-01-25 01:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-22 02:23 - 2015-07-15 22:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-21 23:15 - 2016-09-01 00:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-01-21 23:15 - 2016-04-30 22:02 - 00101928 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll 2017-01-21 23:15 - 2016-04-30 22:01 - 00436224 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys 2017-01-21 23:14 - 2016-09-01 00:44 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-01-21 23:14 - 2016-09-01 00:44 - 00000000 ____D C:\WINDOWS\system32\DAX2 2017-01-21 23:13 - 2016-11-01 22:53 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2017-01-21 23:13 - 2016-11-01 22:53 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2017-01-21 23:13 - 2016-11-01 22:53 - 00151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2017-01-21 23:13 - 2016-07-01 22:30 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2017-01-21 23:12 - 2016-07-01 22:30 - 05545472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2017-01-21 23:10 - 2016-04-30 21:50 - 00000000 ____D C:\Program Files\Easeware 2017-01-21 22:18 - 2016-04-20 20:13 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-01-21 22:18 - 2013-10-16 22:16 - 00000000 ____D C:\ProgramData\Oracle 2017-01-21 22:18 - 2013-10-16 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-21 22:18 - 2013-09-02 22:40 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-20 19:39 - 2016-07-01 23:14 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-01-20 19:39 - 2016-06-01 22:02 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2017-01-20 19:39 - 2015-02-01 04:58 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-01-20 19:39 - 2015-02-01 04:58 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-01-20 19:39 - 2015-02-01 04:58 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-01-20 19:39 - 2015-02-01 04:58 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 06401984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 02479160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-01-20 15:04 - 2016-10-31 22:30 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-01-20 00:58 - 2016-10-20 19:31 - 00001117 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk 2017-01-19 18:57 - 2016-11-30 19:44 - 00001220 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk 2017-01-19 18:57 - 2015-06-21 13:50 - 00000000 ____D C:\Program Files (x86)\Avira 2017-01-18 13:57 - 2016-09-01 00:44 - 07755067 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-01-15 20:21 - 2012-04-25 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2017-01-15 20:21 - 2012-04-25 00:05 - 00000000 ____D C:\Program Files (x86)\Canon 2017-01-15 20:20 - 2012-04-28 21:27 - 00000000 ____D C:\Users\Bernie\AppData\Roaming\Canon 2017-01-15 01:17 - 2016-02-13 18:30 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-13 20:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-12 23:00 - 2016-09-01 01:07 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-11 23:34 - 2014-08-14 09:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\Adobe 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-11 01:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-11 01:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-10 21:00 - 2013-07-09 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-10 20:56 - 2011-07-18 21:31 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-10 20:38 - 2016-09-01 00:46 - 00000000 ____D C:\Users\Netzzugang 2017-01-09 16:43 - 2016-02-09 00:18 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2007-03-12 17:59 - 2007-03-12 17:59 - 0299008 _____ () C:\Program Files (x86)\navigram_register.exe 2015-06-19 13:53 - 2015-06-19 13:53 - 0000000 _____ () C:\Users\Bernie\AppData\Roaming\gdfw.log 2015-06-19 13:52 - 2015-06-21 20:34 - 0001558 _____ () C:\Users\Bernie\AppData\Roaming\gdscan.log 2014-01-21 21:51 - 2014-01-21 21:51 - 0000005 _____ () C:\Users\Bernie\AppData\Roaming\mbam.context.scan 2012-04-24 19:57 - 2012-04-24 19:57 - 0017408 _____ () C:\Users\Bernie\AppData\Local\WebpageIcons.db 2012-07-13 06:38 - 2012-07-13 06:38 - 0000438 _____ () C:\Users\Bernie\AppData\Local\WiDiLog.20120713.073831.txt 2012-07-12 22:43 - 2012-07-12 22:44 - 0008272 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20120712.234319.txt 2012-07-12 22:45 - 2012-07-12 23:00 - 2537984 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20120712.234543.txt 2012-07-13 06:33 - 2012-07-13 06:41 - 0037411 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20120713.073326.txt 2013-05-18 01:49 - 2013-05-18 01:51 - 0050794 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20130518.024955.wdl 2013-05-18 02:18 - 2013-05-18 02:18 - 0045509 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20130518.031824.wdl 2013-10-08 00:15 - 2013-10-08 00:15 - 0047821 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131008.011509.wdl 2013-10-08 00:15 - 2013-10-08 00:23 - 0054969 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131008.011554.wdl 2013-10-21 22:55 - 2013-10-21 22:56 - 0027977 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131021.235519.txt 2013-11-10 03:20 - 2013-11-10 03:22 - 0044448 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131110.032011.wdl 2014-02-10 20:15 - 2014-02-10 20:18 - 0039885 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20140210.201548.wdl 2014-05-21 15:54 - 2014-05-21 15:56 - 0058791 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20140521.165419.wdl 2015-09-06 02:25 - 2015-09-06 02:26 - 0053997 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20150906.032549.wdl 2012-04-19 13:23 - 2012-04-19 13:23 - 0000000 _____ () C:\Users\Bernie\AppData\Local\{EAAC66D5-D0D9-401E-BBD1-552FBB746C9E} 2016-09-01 00:45 - 2016-09-01 00:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Sicherung\psa201se_DLM_ger_full.exe C:\Users\Sicherung\psa201se_ger.exe C:\Users\Sicherung\setupSNK.exe C:\Users\Sicherung\usbadapter54_V100014_ger.exe Einige Dateien in TEMP: ==================== 2016-09-12 18:39 - 2016-09-12 18:39 - 0000000 ____D () C:\Users\Netzzugang\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-01-30 22:08 ==================== Ende von FRST.txt ============================ |
|
06.02.2017, 22:47
| #6 |
| | Meldung von Malwarebytes Anti-MalwareCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017 durchgeführt von Bernie (Administrator) auf BERNIE-PC (06-02-2017 22:42:15) Gestartet von C:\Users\Bernie\Downloads Geladene Profile: Bernie (Verfügbare Profile: UpdatusUser & Bernie & Marion & Netzzugang & DefaultAppPool) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Greatis Software, LLC) C:\Program Files (x86)\BootRacer\BootRacerServ.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe (1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe (Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe () C:\Windows\System32\FspService.exe (AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe () C:\Program Files (x86)\Waow\Waow.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft) C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6348104 2016-10-02] (Sentelic Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-21] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-21] (Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2011-08-06] (Wistron) HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [447016 2011-08-13] (Wistron Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.) HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2011-08-06] (Wistron Corp.) HKLM-x32\...\Run: [WheelMouse] => C:\Advanced Wheel Mouse\wh_exec.exe [147456 2010-05-26] () HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61896 2016-12-29] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2356080 2016-07-21] (1und1 Mail und Media GmbH) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [25744 2017-01-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.) HKLM-x32\...\Run: [Avira System Speedup Tray] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [160936 2017-01-11] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\Bootrace.exe [3901200 2015-03-24] (Greatis Software) HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd) HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {39b48fd1-88b0-11e6-9f32-00262dcbe4ff} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {39b49153-88b0-11e6-9f32-00262dcbe4ff} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {39b491d3-88b0-11e6-9f32-00262dcbe4ff} - "K:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4122516966-2855662277-179015761-1001\...\MountPoints2: {6b52b450-aa08-11e4-a69b-806e6f6e6963} - "E:\zdata\cobi.exe" HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [4673304 2016-11-11] (Microsoft Corporation) <==== ACHTUNG AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinitx.dll [209744 2017-01-28] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvinit.dll [181088 2017-01-28] (NVIDIA Corporation) IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\allshare.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\avira.systemspeedup.core.common.starter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\avira.webapphost.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\avira_system_speedup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\cnmnsst.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\cnqmmain.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\hilfepica.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\hotlinetool.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\installationsverwaltung.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\integritaetspruefer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\pdvdlaunchpolicy.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\pica.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\washandgo.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\web.de_mailcheck_suche.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\web.de_sichere_websuche.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files\Common Files\1&1 Sync\1&1SyncShellExtension64_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 1] -> {02B2B772-B8A8-4DA4-9B18-42551A54A1A8} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 2] -> {0575AB16-E932-4160-8936-4DBE195BDBD7} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 3] -> {0E9EF89A-96D3-4DE6-B2F8-E9548AA5321E} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ 1&1 Sync Overlay 4] -> {1A4AFFE1-B2F9-483D-B627-D9A339DBFD34} => C:\Program Files (x86)\Common Files\1&1 Sync\1&1SyncShellExtension_1_0_0_3_20150730031641601.dll [2015-07-23] (1&1 Mail & Media GmbH) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-01] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Bernie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-01] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-09-14] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\Bernie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-25] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) Startup: C:\Users\Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-25] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) Startup: C:\Users\Netzzugang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-01-25] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) GroupPolicy\User: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{0802e8cb-305b-40e5-9dcf-1b29a0dd2675}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{9a63d425-06b5-45ee-bf88-f78bc8dca242}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-4122516966-2855662277-179015761-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-4122516966-2855662277-179015761-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://web.de/ SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {463C7A9C-C00A-46DC-9011-CCAEB26B7C19} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {6DA8BE5A-C0F9-4980-9795-9D8FE29A63D6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {74A6A8F3-1E04-4951-A063-4EC002C06D8B} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8 SearchScopes: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> {8CF39975-1B44-40BE-84A0-DDD4F30AFC3D} URL = hxxp://suche.web.de/search/web/?su={searchTerms}&mc=searchplugin@suche@msie.suche@web&origin=searchplugin BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) BHO: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll [2012-12-11] (AVM Berlin) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation) BHO-x32: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> Kein Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Keine Datei DPF: HKLM {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://www.bad-wildbad.de/downloads/webcam/AMC.cab DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v1111/Navigram.cab DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-07-05] (Skype Technologies S.A.) Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-4122516966-2855662277-179015761-1001 -> hxxp://web.de/ FireFox: ======== FF ProfilePath: C:\Users\Bernie\AppData\Roaming\Mozilla\Firefox\Profiles\ygzxf502.default-1436072606451 [2017-02-06] FF NetworkProxy: Mozilla\Firefox\Profiles\ygzxf502.default-1436072606451 -> type", 0 FF Extension: (Anti-Banner) - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2016-11-16] [ist nicht signiert] FF Extension: (Modul zur Link-Untersuchung) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-11-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: (Mehr Leistung und Videoformate für dein HTML5 &video&) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-13] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google) FF Plugin-x32: @innoplus.de/ino3DViewer -> C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll [2014-05-14] (INNOVA-engineering GmbH Dresden) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-29] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4122516966-2855662277-179015761-1001: SkypePlugin -> C:\Users\Bernie\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi.dll [2015-12-08] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-4122516966-2855662277-179015761-1001: SkypePlugin64 -> C:\Users\Bernie\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi-x64.dll [2015-12-08] (Skype Technologies S.A.) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-04-10] <==== ACHTUNG Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-13] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-13] (Avira Operations GmbH & Co. KG) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-29] (Avira Operations GmbH & Co. KG) S4 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [300344 2017-01-18] (Avira Operations GmbH & Co. KG) S4 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin) R2 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [65296 2014-04-30] (Greatis Software, LLC) R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation) S4 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3697352 2017-01-29] (Microsoft Corporation) S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) S4 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-01-23] () R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] () R2 FspSvc; C:\Windows\System32\FspService.exe [2178888 2016-10-02] () S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-01-30] (SurfRight B.V.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] () [Datei ist nicht signiert] S4 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [131312 2015-03-20] (Intel Corporation) R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] () S2 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464440 2017-01-20] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation) S4 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin) R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2015-03-18] (Copyright 2013 SAMSUNG) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S4 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35304 2017-01-11] (Avira Operations GmbH & Co. KG) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5907216 2017-01-09] (AVG Technologies CZ, s.r.o.) S2 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2011-08-06] (Wistron Corp.) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.0.5\WsAppService.exe [415232 2016-08-09] (Wondershare) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-13] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-13] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-01-08] (Avira Operations GmbH & Co. KG) R3 avmaudio; C:\WINDOWS\System32\drivers\avmaudio.sys [116096 2012-04-25] (AVM Berlin) R3 avmaura; C:\WINDOWS\System32\drivers\avmaura.sys [116480 2012-12-23] (AVM Berlin) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-24] (Avira Operations GmbH & Co. KG) S3 btmhsf; C:\WINDOWS\System32\DRIVERS\btmhsf.sys [327168 2011-11-15] (Intel Corporation) [Datei ist nicht signiert] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 fspad_win764; C:\WINDOWS\system32\DRIVERS\fspad_win764.sys [209736 2016-10-02] (Sentelic Corporation) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-06-21] (G Data Software AG) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-04-02] () R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2016-09-05] (REALiX(tm)) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.) S3 iBtFltCoex; C:\WINDOWS\System32\DRIVERS\iBtFltCoex.sys [60416 2011-12-09] (Intel Corporation) [Datei ist nicht signiert] S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [165504 2012-03-03] (ITE ) R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-06] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmmi.inf_amd64_20163d6ef13a7448\nvlddmkm.sys [14427064 2017-01-28] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [436224 2017-01-21] (Realsil Semiconductor Corporation) R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] () S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-19] (Texas Instruments, Inc.) S3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-19] (Texas Instruments, Inc.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-01-09] (AVG Netherlands B.V.) R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [204184 2014-03-04] (Windows (R) Win 7 DDK provider) R1 usedisk; C:\WINDOWS\System32\DRIVERS\usedisk.sys [29208 2014-02-23] (Gili Soft INC.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 cpuz139; \??\C:\Users\Bernie\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X] <==== ACHTUNG S3 cpuz140; \??\C:\Users\Bernie\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ACHTUNG U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-06 22:42 - 2017-02-06 22:42 - 00040319 _____ C:\Users\Bernie\Downloads\FRST.txt 2017-02-06 22:00 - 2017-02-06 22:00 - 00000000 ____D C:\Users\Bernie\Downloads\FRST-OlderVersion 2017-02-03 22:25 - 2017-02-03 22:25 - 08813488 _____ (Piriform Ltd) C:\Users\Bernie\Downloads\ccsetup526.exe 2017-02-03 22:10 - 2017-02-03 22:10 - 04015056 _____ C:\Users\Netzzugang\Downloads\adwcleaner_6.043.exe 2017-02-03 21:58 - 2017-02-03 21:59 - 00000000 ____D C:\Users\Netzzugang\AppData\Local\Waow 2017-02-03 14:02 - 2017-02-03 15:06 - 00000000 ____D C:\Users\Bernie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2017-02-03 10:43 - 2017-02-03 10:44 - 00744104 _____ C:\Users\Bernie\Documents\IMG_20170203_0001.pdf 2017-02-02 22:40 - 2017-02-05 21:21 - 00000000 ____D C:\AdwCleaner 2017-02-02 22:38 - 2017-02-02 22:38 - 04015056 _____ C:\Users\Bernie\Downloads\AdwCleaner_6.043.exe 2017-02-02 20:47 - 2017-02-06 22:00 - 02421248 _____ (Farbar) C:\Users\Bernie\Downloads\FRST64.exe 2017-02-01 23:06 - 2017-02-01 23:06 - 00001064 _____ C:\Users\Public\Desktop\HiSuite.lnk 2017-02-01 23:06 - 2017-02-01 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2017-02-01 23:05 - 2017-02-01 23:06 - 00000000 ____D C:\Program Files (x86)\HiSuite 2017-01-31 20:13 - 2017-01-31 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2017-01-31 20:13 - 2017-01-31 20:13 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service 2017-01-30 20:43 - 2017-01-30 20:43 - 00001213 _____ C:\Users\Public\Desktop\Avira Connect.lnk 2017-01-29 16:31 - 2017-01-29 16:31 - 00000000 _____ C:\Users\Bernie\Documents\Report_AVIRA_170129.txt 2017-01-29 04:19 - 2017-01-29 04:20 - 02444208 _____ C:\Users\Bernie\Downloads\avira_pc_cleaner_de (2).exe 2017-01-28 19:42 - 2017-01-28 19:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\TempOfficeC2R21754D4B-9E21-4FED-A8AD-747FEC90C9B8 2017-01-28 02:50 - 2017-01-28 02:50 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2017-01-28 02:50 - 2017-01-28 02:50 - 00000000 ____D C:\WINDOWS\system32\NV 2017-01-28 02:48 - 2017-01-28 02:48 - 00000000 ____D C:\WINDOWS\LastGood 2017-01-28 02:47 - 2017-01-28 02:47 - 40192056 _____ C:\WINDOWS\system32\nvcompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 35272760 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 34974656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 28239928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 19008576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 14677272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 11123936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 11019192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 09308896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 08990584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 03167288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 02715072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 01985080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437849.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 01591352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437849.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 01051584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00988608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00960568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00909760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00687224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00576192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-01-28 02:47 - 2017-01-28 02:47 - 00048696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys 2017-01-28 02:47 - 2017-01-28 02:47 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json 2017-01-28 02:47 - 2017-01-28 02:47 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json 2017-01-26 20:35 - 2017-01-26 20:35 - 18405528 _____ (Geek Software GmbH ) C:\Users\Bernie\Downloads\pdf24-creator-8.0.4.exe 2017-01-26 20:35 - 2017-01-26 20:35 - 00001157 _____ C:\Users\Public\Desktop\PDF24.lnk 2017-01-26 20:35 - 2017-01-26 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2017-01-26 20:35 - 2017-01-26 20:35 - 00000000 ____D C:\Program Files (x86)\PDF24 2017-01-26 20:08 - 2017-01-26 20:08 - 00461088 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-25 23:52 - 2017-01-25 23:52 - 00002574 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk 2017-01-25 21:42 - 2017-01-25 21:42 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2017-01-25 21:42 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-01-25 21:42 - 2017-01-25 21:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\Chromium 2017-01-25 21:42 - 2017-01-20 14:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-01-25 21:41 - 2017-01-20 19:39 - 00156608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-01-25 21:41 - 2017-01-20 19:39 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-01-25 21:41 - 2017-01-20 19:39 - 00057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-01-25 21:38 - 2017-01-25 21:38 - 00002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance 2017-01-25 21:31 - 2017-01-25 21:31 - 00002586 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk 2017-01-25 20:23 - 2017-01-25 20:24 - 03312432 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Bernie\Downloads\AVG_Performance_824.exe 2017-01-25 00:17 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 00:17 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-21 23:15 - 2017-01-21 23:15 - 09908776 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll 2017-01-21 23:15 - 2017-01-21 23:15 - 04349480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCRU64.exe 2017-01-21 23:14 - 2017-01-21 23:14 - 06264632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 05347000 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 01959600 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 01133584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 00378384 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 00362048 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll 2017-01-21 23:14 - 2017-01-21 23:14 - 00310416 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2017-01-21 23:13 - 2017-01-21 23:13 - 09124224 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2017-01-21 23:13 - 2017-01-21 23:13 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 07096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 03503048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 03302272 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 03203584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 02201600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 02050176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 01353824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00965024 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00689880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00678176 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00574752 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00327448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00231912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00090912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2017-01-21 23:13 - 2017-01-21 23:13 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll 2017-01-21 23:12 - 2017-01-21 23:12 - 03014144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2017-01-21 23:12 - 2017-01-21 23:12 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2017-01-21 23:11 - 2017-01-21 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2017-01-21 23:10 - 2017-01-21 23:11 - 00001016 _____ C:\Users\Public\Desktop\Driver Easy.lnk 2017-01-21 22:16 - 2017-01-21 22:17 - 00739392 _____ (Oracle Corporation) C:\Users\Bernie\Downloads\JavaSetup8u121.exe 2017-01-19 18:57 - 2017-01-25 21:34 - 00000000 ____D C:\Users\Public\Speedup Sessions 2017-01-15 20:20 - 2017-01-15 20:20 - 40044345 _____ C:\Users\Bernie\Downloads\cdw-inst-8-10-4a-24-r2-u01-9l.zip 2017-01-15 20:20 - 2017-01-15 20:20 - 00000000 ____D C:\ProgramData\Canon_Inc_IC 2017-01-15 02:18 - 2017-01-15 02:18 - 00750948 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Freunde3.pdf 2017-01-15 02:18 - 2017-01-15 02:18 - 00734169 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Hotel_Gude.pdf 2017-01-15 02:17 - 2017-01-15 02:17 - 00724814 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Freunde2.pdf 2017-01-15 02:16 - 2017-01-15 02:16 - 00750200 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Familie.pdf 2017-01-15 02:16 - 2017-01-15 02:16 - 00722820 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Freunde1.pdf 2017-01-15 02:15 - 2017-01-15 02:15 - 00735785 _____ C:\Users\Netzzugang\Desktop\Rössel_Kerstin_161222_Bäckerei_Rössel.pdf 2017-01-13 22:08 - 2017-01-13 22:08 - 00433422 _____ C:\Users\Bernie\Documents\IMG_20170113_0001.pdf 2017-01-11 02:07 - 2017-01-11 02:07 - 00722820 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Freunde2.pdf 2017-01-11 02:06 - 2017-01-11 02:06 - 00724814 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Freunde1.pdf 2017-01-11 02:05 - 2017-01-11 02:05 - 00750200 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Familie.pdf 2017-01-11 02:05 - 2017-01-11 02:05 - 00734169 _____ C:\Users\Bernie\Documents\Rössel_Kerstin_161222_Hotel_Gude.pdf 2017-01-10 20:41 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-10 20:41 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-10 20:41 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-10 20:41 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-10 20:41 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-10 20:41 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-10 20:41 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-10 20:41 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-10 20:41 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-10 20:41 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-10 20:41 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-10 20:41 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-10 20:41 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-10 20:41 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-10 20:41 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-10 20:41 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-10 20:41 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-10 20:41 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-10 20:41 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-10 20:41 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-10 20:41 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-10 20:41 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-10 20:41 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-10 20:41 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-10 20:41 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-10 20:41 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-10 20:41 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-10 20:41 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-10 20:41 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-10 20:41 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-10 20:41 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-10 20:41 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-10 20:41 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-10 20:41 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-10 20:41 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-10 20:41 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-10 20:41 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-10 20:41 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-10 20:41 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-10 20:41 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-10 20:41 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-10 20:41 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-10 20:41 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-10 20:41 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-10 20:41 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-10 20:41 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-10 20:41 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-10 20:41 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-10 20:41 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-10 20:41 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-10 20:41 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-10 20:41 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-10 20:41 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-10 20:41 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-10 20:41 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-10 20:41 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-10 20:41 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-10 20:41 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-10 20:41 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-10 20:41 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-10 20:41 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-10 20:41 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-10 20:41 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-10 20:41 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-10 20:41 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-10 20:41 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-10 20:41 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-10 20:41 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-10 20:41 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-10 20:41 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-10 20:41 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-10 20:41 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-10 20:41 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-10 20:41 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-10 20:41 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-10 20:41 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-10 20:41 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-10 20:41 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-10 20:41 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-10 20:41 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-10 20:41 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-10 20:41 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-10 20:41 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-10 20:41 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-10 20:41 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-10 20:41 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-10 20:41 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-10 20:41 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-10 20:41 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-10 20:41 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-10 20:41 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-10 20:41 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-10 20:41 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-10 20:41 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-10 20:41 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-10 20:41 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-10 20:41 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-10 20:41 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-10 20:41 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-10 20:41 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-10 20:41 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 20:41 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-10 20:41 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-10 20:41 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-10 20:41 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 20:41 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-10 20:41 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-10 20:41 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-10 20:41 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-10 20:41 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-10 20:41 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-10 20:41 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-10 20:41 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-10 20:41 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-10 20:41 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-10 20:41 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-10 20:41 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-10 20:41 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-10 20:41 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-10 20:41 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-10 20:41 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-10 20:41 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-10 20:41 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-10 20:41 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-10 20:41 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-10 20:41 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-10 20:41 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-10 20:41 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-10 20:41 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-10 20:41 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-10 20:41 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-10 20:41 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-10 20:41 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-07 16:21 - 2017-01-07 16:21 - 00009745 _____ C:\Users\Bernie\Desktop\Einkaufszettel.xlsx ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-06 22:42 - 2015-07-02 17:51 - 00000000 ____D C:\FRST 2017-02-06 22:17 - 2015-06-30 19:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-06 22:06 - 2016-08-07 04:43 - 00077524 _____ C:\Users\Bernie\Downloads\Addition.txt 2017-02-06 22:01 - 2015-12-21 22:54 - 00000000 ____D C:\Users\Bernie\AppData\Local\Waow 2017-02-06 20:51 - 2013-04-04 22:20 - 00000000 ____D C:\Users\Bernie\Documents\Outlook-Dateien 2017-02-06 20:34 - 2016-09-20 20:25 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task 2017-02-06 19:34 - 2016-09-01 00:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-06 17:30 - 2016-09-01 00:44 - 00000000 ____D C:\ProgramData\NVIDIA 2017-02-06 17:28 - 2016-09-01 00:46 - 09766594 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-02-06 17:28 - 2016-07-16 23:51 - 04968564 _____ C:\WINDOWS\system32\perfh007.dat 2017-02-06 17:28 - 2016-07-16 23:51 - 01349804 _____ C:\WINDOWS\system32\perfc007.dat 2017-02-06 17:28 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-06 17:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-06 17:24 - 2016-09-01 01:00 - 01146880 ____H C:\Users\Public\Documents\bootracer.his 2017-02-06 17:24 - 2016-09-01 01:00 - 00000496 ____H C:\Users\Public\Documents\bootracer.ini 2017-02-06 17:24 - 2016-01-06 00:02 - 00000000 ____D C:\ProgramData\BootRacer 2017-02-06 17:21 - 2016-09-01 01:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-06 17:21 - 2016-01-05 23:19 - 00000000 ____D C:\Program Files (x86)\BootRacer 2017-02-06 01:17 - 2016-07-16 07:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI 2017-02-05 21:22 - 2016-07-16 00:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\CrashDumps 2017-02-04 08:55 - 2014-06-26 20:14 - 00000000 ____D C:\ProgramData\CanonIJPLM 2017-02-03 22:26 - 2015-04-26 22:49 - 00000867 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-02-03 21:10 - 2016-12-25 00:52 - 00003288 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-02-03 21:10 - 2015-12-24 00:30 - 00002441 _____ C:\Users\Netzzugang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-02-03 21:10 - 2015-12-24 00:30 - 00000000 ___RD C:\Users\Netzzugang\OneDrive 2017-02-03 04:27 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-02-03 04:25 - 2011-07-18 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-02-03 01:58 - 2015-12-23 03:23 - 00000000 ____D C:\Users\Bernie\AppData\Local\Packages 2017-02-02 23:00 - 2016-09-01 00:46 - 00000000 ____D C:\Users\Bernie 2017-02-02 23:00 - 2012-04-28 16:55 - 00000000 ____D C:\ProgramData\ICQ 2017-02-02 00:01 - 2012-10-13 15:04 - 00000000 ____D C:\ProgramData\tmp 2017-02-01 23:06 - 2016-10-03 01:35 - 00000000 ____D C:\Users\Bernie\AppData\Local\Hisuite 2017-02-01 23:05 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-31 20:13 - 2015-05-26 23:18 - 00001306 _____ C:\Users\Public\Desktop\ElsterFormular.lnk 2017-01-31 20:13 - 2015-05-26 23:18 - 00000000 ____D C:\Program Files (x86)\ElsterFormular 2017-01-31 20:13 - 2012-04-24 23:17 - 00000000 ____D C:\ProgramData\elsterformular 2017-01-30 20:43 - 2015-06-21 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-01-30 20:43 - 2013-05-18 01:39 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-29 11:24 - 2013-03-01 22:06 - 00000000 ____D C:\Bilder 2017-01-29 01:54 - 2014-03-15 08:32 - 00000000 ____D C:\Users\Bernie\AppData\LocalLow\Adblock Plus for IE 2017-01-29 01:41 - 2016-09-01 00:44 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-01-28 02:49 - 2016-09-01 00:44 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-01-28 02:48 - 2016-09-01 00:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-01-28 02:47 - 2016-10-02 03:00 - 03597640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-01-28 02:47 - 2016-07-01 23:10 - 04079032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-01-28 02:47 - 2016-07-01 23:10 - 00043556 _____ C:\WINDOWS\system32\nvinfo.pb 2017-01-27 23:45 - 2016-11-16 16:02 - 00000000 ____D C:\Users\Bernie\AppData\LocalLow\Mozilla 2017-01-27 23:35 - 2016-11-16 16:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-27 23:35 - 2015-07-05 06:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-26 20:08 - 2016-04-16 12:14 - 00000300 _____ C:\WINDOWS\Tasks\AbelssoftPreloader.job 2017-01-25 22:57 - 2016-10-31 22:30 - 00003044 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 22:57 - 2016-10-31 22:30 - 00002804 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 22:57 - 2016-09-01 01:07 - 00002232 _____ C:\WINDOWS\System32\Tasks\AbelssoftPreloader 2017-01-25 21:42 - 2016-10-31 22:31 - 00001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-01-25 21:42 - 2016-10-31 22:30 - 00003884 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2016-10-31 22:30 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2016-10-31 22:30 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2016-10-31 22:30 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-01-25 21:42 - 2015-02-01 04:58 - 00000000 ____D C:\Users\Bernie\AppData\Local\NVIDIA Corporation 2017-01-25 21:42 - 2015-01-31 23:25 - 00000000 ____D C:\Users\Bernie\AppData\Local\NVIDIA 2017-01-25 21:32 - 2016-04-30 21:48 - 00000428 _____ C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job 2017-01-25 21:32 - 2015-11-06 00:43 - 00000000 ____D C:\AllShare 2017-01-25 21:32 - 2014-01-15 23:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-01-25 21:31 - 2014-08-20 11:09 - 00000000 ____D C:\Users\Bernie\AppData\Roaming\AVG 2017-01-25 21:31 - 2014-08-20 10:26 - 00000000 ____D C:\Users\Bernie\AppData\Local\AvgSetupLog 2017-01-25 01:06 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-22 02:23 - 2015-07-15 22:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-21 23:15 - 2016-09-01 00:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-01-21 23:15 - 2016-04-30 22:02 - 00101928 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll 2017-01-21 23:15 - 2016-04-30 22:01 - 00436224 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys 2017-01-21 23:14 - 2016-09-01 00:44 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-01-21 23:14 - 2016-09-01 00:44 - 00000000 ____D C:\WINDOWS\system32\DAX2 2017-01-21 23:13 - 2016-11-01 22:53 - 03203424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2017-01-21 23:13 - 2016-11-01 22:53 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2017-01-21 23:13 - 2016-11-01 22:53 - 00151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2017-01-21 23:13 - 2016-07-01 22:30 - 00023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2017-01-21 23:12 - 2016-07-01 22:30 - 05545472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2017-01-21 23:10 - 2016-04-30 21:50 - 00000000 ____D C:\Program Files\Easeware 2017-01-21 22:18 - 2016-04-20 20:13 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-01-21 22:18 - 2013-10-16 22:16 - 00000000 ____D C:\ProgramData\Oracle 2017-01-21 22:18 - 2013-10-16 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-21 22:18 - 2013-09-02 22:40 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-20 19:39 - 2016-07-01 23:14 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-01-20 19:39 - 2016-06-01 22:02 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys 2017-01-20 19:39 - 2015-02-01 04:58 - 01872320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-01-20 19:39 - 2015-02-01 04:58 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-01-20 19:39 - 2015-02-01 04:58 - 01464768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-01-20 19:39 - 2015-02-01 04:58 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 06401984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 02479160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-01-20 16:13 - 2016-09-01 00:44 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-01-20 15:04 - 2016-10-31 22:30 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-01-20 00:58 - 2016-10-20 19:31 - 00001117 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk 2017-01-19 18:57 - 2016-11-30 19:44 - 00001220 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk 2017-01-19 18:57 - 2015-06-21 13:50 - 00000000 ____D C:\Program Files (x86)\Avira 2017-01-18 13:57 - 2016-09-01 00:44 - 07755067 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-01-15 20:21 - 2012-04-25 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2017-01-15 20:21 - 2012-04-25 00:05 - 00000000 ____D C:\Program Files (x86)\Canon 2017-01-15 20:20 - 2012-04-28 21:27 - 00000000 ____D C:\Users\Bernie\AppData\Roaming\Canon 2017-01-15 01:17 - 2016-02-13 18:30 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-13 20:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-12 23:00 - 2016-09-01 01:07 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-11 23:34 - 2014-08-14 09:42 - 00000000 ____D C:\Users\Bernie\AppData\Local\Adobe 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-11 03:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-11 01:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-11 01:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-10 21:00 - 2013-07-09 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-10 20:56 - 2011-07-18 21:31 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-10 20:38 - 2016-09-01 00:46 - 00000000 ____D C:\Users\Netzzugang 2017-01-09 16:43 - 2016-02-09 00:18 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2007-03-12 17:59 - 2007-03-12 17:59 - 0299008 _____ () C:\Program Files (x86)\navigram_register.exe 2015-06-19 13:53 - 2015-06-19 13:53 - 0000000 _____ () C:\Users\Bernie\AppData\Roaming\gdfw.log 2015-06-19 13:52 - 2015-06-21 20:34 - 0001558 _____ () C:\Users\Bernie\AppData\Roaming\gdscan.log 2014-01-21 21:51 - 2014-01-21 21:51 - 0000005 _____ () C:\Users\Bernie\AppData\Roaming\mbam.context.scan 2012-04-24 19:57 - 2012-04-24 19:57 - 0017408 _____ () C:\Users\Bernie\AppData\Local\WebpageIcons.db 2012-07-13 06:38 - 2012-07-13 06:38 - 0000438 _____ () C:\Users\Bernie\AppData\Local\WiDiLog.20120713.073831.txt 2012-07-12 22:43 - 2012-07-12 22:44 - 0008272 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20120712.234319.txt 2012-07-12 22:45 - 2012-07-12 23:00 - 2537984 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20120712.234543.txt 2012-07-13 06:33 - 2012-07-13 06:41 - 0037411 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20120713.073326.txt 2013-05-18 01:49 - 2013-05-18 01:51 - 0050794 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20130518.024955.wdl 2013-05-18 02:18 - 2013-05-18 02:18 - 0045509 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20130518.031824.wdl 2013-10-08 00:15 - 2013-10-08 00:15 - 0047821 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131008.011509.wdl 2013-10-08 00:15 - 2013-10-08 00:23 - 0054969 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131008.011554.wdl 2013-10-21 22:55 - 2013-10-21 22:56 - 0027977 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131021.235519.txt 2013-11-10 03:20 - 2013-11-10 03:22 - 0044448 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20131110.032011.wdl 2014-02-10 20:15 - 2014-02-10 20:18 - 0039885 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20140210.201548.wdl 2014-05-21 15:54 - 2014-05-21 15:56 - 0058791 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20140521.165419.wdl 2015-09-06 02:25 - 2015-09-06 02:26 - 0053997 _____ () C:\Users\Bernie\AppData\Local\WiDiSetupLog.20150906.032549.wdl 2012-04-19 13:23 - 2012-04-19 13:23 - 0000000 _____ () C:\Users\Bernie\AppData\Local\{EAAC66D5-D0D9-401E-BBD1-552FBB746C9E} 2016-09-01 00:45 - 2016-09-01 00:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Sicherung\psa201se_DLM_ger_full.exe C:\Users\Sicherung\psa201se_ger.exe C:\Users\Sicherung\setupSNK.exe C:\Users\Sicherung\usbadapter54_V100014_ger.exe Einige Dateien in TEMP: ==================== 2016-09-12 18:39 - 2016-09-12 18:39 - 0000000 ____D () C:\Users\Netzzugang\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-01-30 22:08 ==================== Ende von FRST.txt ============================ |
|
07.02.2017, 22:42
| #7 |
| Ruhe in Frieden † 2019 | Meldung von Malwarebytes Anti-Malware Hallo, sry, da hab ich nicht auf das Datum gesehen, Malwarebytes haut sich da gerade etwas mit TuneUp, warum auch immer, korrekt ist das nicht. Allerdings ist TuneUp auch nicht unbedingt empfehlenswert. Du hast da nichts auffälliges auf deinem Rechner, soweit bis jetzt sichtbar. Ich würd TuneUp deinstallieren. Macht wenig nutzen und debuggt legitime Einträge. Das heisst, jedesmal, wenn du irgendwas aufmachst, was AVG meint debuggen zu müssen, öffnet sich TuneUp auch mit. Das bemängelt MBAM, weil das eben auch Malware macht. Schmeiss AVG runter, dann dürfte das Problem gegessen sein.  Machen wir nochmal ESET Schritt 1 Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern  ESET Online Scanner
|
|
08.02.2017, 20:29
| #8 |
| | Meldung von Malwarebytes Anti-Malware Hallo Sandra, danke für die Prüfung. Ich füge den eset Prüfbericht bei. Code:
ATTFilter C:\$RECYCLE.BIN\S-1-5-21-4122516966-2855662277-179015761-1001\$RALQZ27.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
C:\$RECYCLE.BIN\S-1-5-21-4122516966-2855662277-179015761-1001\$RCHQNLC.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
C:\$RECYCLE.BIN\S-1-5-21-4122516966-2855662277-179015761-1001\$RHFZCEV.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
C:\$RECYCLE.BIN\S-1-5-21-4122516966-2855662277-179015761-1001\$RMJPHB5.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
C:\$RECYCLE.BIN\S-1-5-21-4122516966-2855662277-179015761-1001\$RYJTA6O.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
C:\$RECYCLE.BIN\S-1-5-21-4122516966-2855662277-179015761-1001\$RYPUGTA.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
C:\Users\Bernie\Downloads\BootRacer - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung Gesäubert durch Löschen
C:\Users\Bernie\Downloads\ccsetup526.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
C:\Users\Bernie\Downloads\dfsetup220.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
C:\Users\Bernie\Downloads\goback.exe Variante von Win32/TFTPD32.A potenziell unsichere Anwendung Gesäubert durch Löschen
D:\TOOLS\Medion MediaPack\medion_mediapack_2_ext.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung Gesäubert durch Löschen
G:\Program Files (x86)\EaseUS\System GoBack Free\bin\PxeServer.dll Variante von Win32/TFTPD32.A potenziell unsichere Anwendung Gesäubert durch Löschen
G:\Users\Bernie\Downloads\BootRacer - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung Gesäubert durch Löschen
G:\Users\Bernie\Downloads\ccsetup510.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
G:\Users\Bernie\Downloads\ccsetup511.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
G:\Users\Bernie\Downloads\ccsetup513.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
G:\Users\Bernie\Downloads\ccsetup516.exe Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung Gesäubert durch Löschen
G:\Users\Bernie\Downloads\goback.exe Variante von Win32/TFTPD32.A potenziell unsichere Anwendung Gesäubert durch Löschen
G:\Users\Public\Documents\Wondershare\drfone-for-android_full1561.exe Mehrere Bedrohungen Gesäubert durch Löschen
H:\TOOLS\Medion MediaPack\medion_mediapack_2_ext.exe Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung Gesäubert durch Löschen
Viele Grüße Bernd |
|
09.02.2017, 22:36
| #9 |
| | Meldung von Malwarebytes Anti-Malware Hallo Sandra, ich habe heute noch einen weiteren Suchlauf mit eset durchgeführt. Ergebnis: keine Funde. Damit dürfte die Aktion erfolgreich abgeschlossen sein. Herzlichen Dank für deine Unterstützung. Viele Grüße Bernd |
|
13.02.2017, 21:08
| #10 |
| Ruhe in Frieden † 2019 | Meldung von Malwarebytes Anti-Malware Sry, ja, wenn du keine Probleme mehr hast dann war es das: OK So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber. Abschließend räumen wir noch etwas auf und dann bekommst du noch etwas Lesestoff von mir. Schritt 1 Falls Du Malwarebytes-Antimalware und den ESET-Onlinescan nicht mehr benötigst, kannst Du beide Programme einfach über die Programmdeinstallation deinstallieren. Ich empfehle Dir aber zumindest Malwarebytes zu behalten, und damit einmal die Woche einen Kontrollscan zu machen. Schritt 2 Downloade dir bitte delfix auf deinen Desktop.
Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems. Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür
Aktualität des Systems Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.
Sofern du Java nicht zwingend benötigst, solltest du es komplett deinstallieren. Windows XP Gehe auf: Start --> Systemsteuerung --> Software --> Javaversionen auswählen --> entfernen Windows Vista Gehe auf: Start --> Systemsteuerung -- > Programme --> Programme deinstallieren --> Javaversionen suchen --> entfernen Windows 7 Dazu gehe auf: den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen Windows 8 Dazu drücke auf: Windowstaste und X dann: Programme und Funktionen -->Javaversionen auswählen --> entfernen Falls du Java doch unbedingt benötigst, dann sorge dafür, dass Java automatisch updated. Dazu:
Hier findest du eine Anleitung dazu. Antivirensoftware
Zusätzlicher Schutz
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Systemleistung Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu die Datenträgerbereinigung von Windows. Windows Vista
Windows 7
Windows 8
Halte dich fern von jeglichen Registry Cleanern. Diese schaden deinem System mehr als dass sie es schneller machen. Verhaltensregeln zum sichereren Surfen
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind. Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun. Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun. |
|
| Themen zu Meldung von Malwarebytes Anti-Malware |
| anti-malware, antivirus, avira, datei, erneute, farbar, free, frst.txt, gefunde, gefundene, laptop, malwarebytes, malwarebytes anti-malware, meldung, nichts, quara, quarantäne, recovery, registrierungsschlüssel, riskware, riskware ifeohijack, scan, suchlauf, tool, zip-datei |
Linear-Darstellung
