| |
| |||||||
Log-Analyse und Auswertung: Win 8.1 - Rightcoupon geht nicht weg - kommt mit Selbstanalyse nicht weiterWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
23.05.2017, 17:26
| #1 |
| |  Win 8.1 - Rightcoupon geht nicht weg - kommt mit Selbstanalyse nicht weiter Hallo, ok ich habe oberflächlich zwei Probleme, von denen ich nicht weiß, ob sie zusammenhängen. Ich habe mal ADWCleaner laufen lassen, der löscht was, startet neu, aber zb Registry Anzeigen mit "xvb'lj" werden immer wieder gemeldet und nach 1-2 Tagen zeigt der ADWCleaner auch wieder viel mehr Probleme. Was ich sehe sind zwei Dinge. Erstens auf manchen Seiten taucht permanent der "Rightcoupon" auf. Als normales Programm habe ich ihn nicht gefunden, und auch als Addon oder Erweitungen von Mozilla sehe ich ihn nirgends. Das ist eher nervig bis beunruhigend, ich möchte ihn aber schon raus haben. Das andere ist, nach einigen Stunden schaltet sich der MCAffee Echtzeitschutz ab, ohne dass ich es merke. Dieses Wimpel Symbol von Windows zeigt es dann an, aber egal wie oft ich aktivieren klicke, es wird nicht aktiviert. Nur ein Neustart läßt den MCAffee Echtzeitschutz wieder laufen. Ich berichte mal vom beidem, da ich nicht weiß ob es zusammenhängt. Ich bin leider was Computer betrifft nur normaler Nutzer. Ich verwende Windows 8.1, es ist auf dem neuesten Update-Stand, mein Rechner ist ein Acer Aspire Notebook. Ich bitte um Hilfe und Rat, da ich nur mit Googlen und Nachlesen was andere gemacht haben, leider keinen Erfolg hatte. (Adwcleaner und Spybot probiert.)  Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2017
durchgeführt von elikal (Administrator) auf STARGARD (23-05-2017 18:35:44)
Gestartet von C:\Users\elikal\Desktop
Geladene Profile: elikal (Verfügbare Profile: elikal)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\2.3.322.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_6\mcapexe.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(© 2015 Microsoft Corporation) C:\Users\elikal\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
() C:\Windows\FixCamera.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\Legacy\McClientAnalytics.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-05] (IvoSoft)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [557344 2017-04-17] (McAfee, Inc.)
HKLM-x32\...\Run: [WsmUpdater] => C:\Program Files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe [292208 2012-05-18] (Web Solution Mart)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2724896 2016-06-24] (Sony Corporation)
HKLM-x32\...\Run: [FixCamera] => C:\WINDOWS\FixCamera.exe [20480 2007-02-12] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3363342582-2230382534-2369486391-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\elikal\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-3363342582-2230382534-2369486391-1002\...\Run: [SansaDispatch] => C:\Users\elikal\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [613888 2014-01-28] (SanDisk Corporation)
HKU\S-1-5-21-3363342582-2230382534-2369486391-1002\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3363342582-2230382534-2369486391-1002\...\Run: [BingSvc] => C:\Users\elikal\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3363342582-2230382534-2369486391-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9772248 2017-05-05] (Piriform Ltd)
HKU\S-1-5-21-3363342582-2230382534-2369486391-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKLM\...\Providers\fa742xx2: C:\Program Files (x86)\Nazish Engine\local64spl.dll [309248 2017-05-19] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-02-23] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [170360 2017-02-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2017-02-23] (NVIDIA Corporation)
ShellExecuteHooks: Kein Name - {E493180C-3927-11E7-BE67-64006A5CFC23} - C:\Users\elikal\AppData\Roaming\Coikewardjesety\Rfertwzase.dll -> Keine Datei
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-07-30]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\elikal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2013-07-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2D6DA03F-E4E0-48B2-87ED-B358A5CE3332}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{373CD580-2886-4774-BFA8-D4B85EFA4F11}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1438285421&z=29502bcca22ac6466cf49ebgfzec0baocb5w0c9qbb&from=cor&uid=TOSHIBAXMQ01ABD100_63DLT31YTXX63DLT31YT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1438285421&z=29502bcca22ac6466cf49ebgfzec0baocb5w0c9qbb&from=cor&uid=TOSHIBAXMQ01ABD100_63DLT31YTXX63DLT31YT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438285421&z=29502bcca22ac6466cf49ebgfzec0baocb5w0c9qbb&from=cor&uid=TOSHIBAXMQ01ABD100_63DLT31YTXX63DLT31YT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438285421&z=29502bcca22ac6466cf49ebgfzec0baocb5w0c9qbb&from=cor&uid=TOSHIBAXMQ01ABD100_63DLT31YTXX63DLT31YT&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438285421&z=29502bcca22ac6466cf49ebgfzec0baocb5w0c9qbb&from=cor&uid=TOSHIBAXMQ01ABD100_63DLT31YTXX63DLT31YT&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-22] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-05] (IvoSoft)
BHO-x32: NVRShowBar -> {0B1B0D47-95F7-4bad-9309-A945B655AE61} -> "C:\Program Files (x86)\Naturalsoft\NaturalReader66\IsRegSpy.exe" => Keine Datei
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (IvoSoft)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> E:\Games\Sword ARC\Arc\Plugins\ArcPluginIE.dll => Keine Datei
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-05] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (IvoSoft)
Toolbar: HKLM-x32 - NVRIEbar.IEbar - {BCBF738C-4891-4B9A-959A-C6BF7F608C3A} - C:\Program Files (x86)\Naturalsoft\NaturalReader66\NVRIEbar.dll [2007-05-16] (www.naturalreaders.com)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-04-17] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-04-17] (McAfee, Inc.)
FireFox:
========
FF DefaultProfile: ygkbo51b.default-1495529676915
FF ProfilePath: C:\Users\elikal\AppData\Roaming\Mozilla\Firefox\Profiles\jc9q9tbp.FirefoxElikal [2017-05-23]
FF Extension: (Sale Clipper) - C:\Users\elikal\AppData\Roaming\Mozilla\Firefox\Profiles\jc9q9tbp.FirefoxElikal\Extensions\{45bde14d-dde4-417e-a26d-b08da043f4ae}.xpi [2015-07-30] [ist nicht signiert]
FF ProfilePath: C:\Users\elikal\AppData\Roaming\Mozilla\Firefox\Profiles\ygkbo51b.default-1495529676915 [2017-05-23]
FF Extension: (ProxTube) - C:\Users\elikal\AppData\Roaming\Mozilla\Firefox\Profiles\ygkbo51b.default-1495529676915\Extensions\ich@maltegoetz.de.xpi [2017-05-23]
FF Extension: (Youtube Best Video Downloader 2) - C:\Users\elikal\AppData\Roaming\Mozilla\Firefox\Profiles\ygkbo51b.default-1495529676915\Extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi [2017-05-23]
FF Extension: (Adblock Plus) - C:\Users\elikal\AppData\Roaming\Mozilla\Firefox\Profiles\ygkbo51b.default-1495529676915\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-23]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-03-31] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-14] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-22] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-04-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-14] ()
FF Plugin-x32: @google.com/sewebplugin -> C:\WINDOWS\system32\npsewebplugin.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-04-17] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> E:\Games\Sword ARC\Arc\Plugins\npArcPluginFF.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3363342582-2230382534-2369486391-1002: @my.com/Games -> C:\Users\elikal\AppData\Local\MyComGames\NPMyComDetector.dll [2016-06-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3363342582-2230382534-2369486391-1002: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\elikal\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-3363342582-2230382534-2369486391-1002: @spawnapps.com/SpawnApps -> C:\ProgramData\SpawnApps\plugin\npspawnapps1.0.0.4.dll [2013-06-19] (SpawnApps)
FF Plugin HKU\S-1-5-21-3363342582-2230382534-2369486391-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\elikal\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3363342582-2230382534-2369486391-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-02-24] ()
FF Plugin HKU\S-1-5-21-3363342582-2230382534-2369486391-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-30] (Adobe Systems) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-31] (EasyAntiCheat Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1720888 2015-08-24] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6874680 2015-08-24] (GOG.com)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HPSLPSVC; C:\Users\elikal\AppData\Local\Temp\7zS73C9\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert] <==== ACHTUNG
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [994312 2017-04-04] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1344472 2017-02-24] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2017-01-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [385112 2017-01-18] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [343792 2017-01-18] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1551512 2017-02-26] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [427064 2017-02-23] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-22] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-22] (Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506912 2016-06-24] (Sony Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [Datei ist nicht signiert]
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [Datei ist nicht signiert]
R2 swpsvr; C:\ProgramData\Microsoft\Windows\system\appidsvr.dll [103936 2017-05-18] (TODO: <Company name>) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
S3 ArcService; E:\Games\Sword ARC\Arc\ArcService.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88464 2017-01-20] (McAfee, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [225432 2017-04-01] (McAfee, Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487184 2017-01-20] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366328 2017-01-20] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2017-04-03] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518704 2017-01-20] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [923640 2017-01-20] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498648 2017-01-19] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109320 2017-01-19] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110256 2017-01-20] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2017-01-20] (McAfee, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-23 18:35 - 2017-05-23 18:36 - 00028508 _____ C:\Users\elikal\Desktop\FRST.txt
2017-05-23 18:35 - 2017-05-23 18:35 - 00000000 ____D C:\FRST
2017-05-23 18:33 - 2017-05-23 18:33 - 02429952 _____ (Farbar) C:\Users\elikal\Desktop\FRST64.exe
2017-05-23 18:02 - 2017-05-23 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-05-23 18:02 - 2017-05-23 18:02 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-05-23 17:58 - 2017-05-23 17:58 - 00000000 ____D C:\Users\elikal\Documents\ProcAlyzer Dumps
2017-05-23 17:48 - 2017-05-23 17:48 - 01663672 _____ (Malwarebytes) C:\Users\elikal\Downloads\JRT.exe
2017-05-23 17:34 - 2017-05-23 17:34 - 04110280 _____ C:\Users\elikal\Desktop\adwcleaner_6.047.exe
2017-05-23 17:32 - 2017-05-23 17:32 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-05-23 14:27 - 2017-05-23 14:27 - 00000000 ____D C:\Jopetiondipas
2017-05-23 10:54 - 2017-05-23 10:54 - 00000000 ____D C:\Users\elikal\Desktop\Alte Firefox-Daten
2017-05-23 10:51 - 2017-05-23 10:51 - 00661857 _____ C:\Users\elikal\Desktop\bookmarks.html
2017-05-23 10:51 - 2017-05-23 10:51 - 00320904 _____ C:\Users\elikal\Desktop\bookmarks-2017-05-23.json
2017-05-22 22:08 - 2017-05-23 18:13 - 00003860 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-05-22 22:08 - 2017-05-23 16:33 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-05-22 17:30 - 2017-05-22 18:11 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-05-22 17:30 - 2017-05-22 17:42 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-22 17:30 - 2017-05-22 17:30 - 00001411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-05-22 17:30 - 2017-05-22 17:30 - 00001399 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-05-22 17:30 - 2017-05-22 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-05-22 17:30 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-05-22 17:28 - 2017-05-22 17:29 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\elikal\Downloads\spybot-2.4.exe
2017-05-22 12:27 - 2017-05-22 12:27 - 00000000 ____D C:\Program Files (x86)\fa742xx2
2017-05-21 07:15 - 2017-05-21 07:48 - 00000000 ____D C:\Users\elikal\Documents\Bandicam
2017-05-21 07:15 - 2017-05-21 07:15 - 00000000 ____D C:\Users\elikal\AppData\Roaming\Bandicam Company
2017-05-21 07:14 - 2017-05-21 07:14 - 00001008 _____ C:\Users\Public\Desktop\Bandicam.lnk
2017-05-21 07:14 - 2017-05-21 07:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2017-05-21 07:14 - 2017-05-21 07:14 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2017-05-21 07:14 - 2017-05-21 07:14 - 00000000 ____D C:\Program Files (x86)\Bandicam
2017-05-21 07:13 - 2017-05-21 07:13 - 16992080 _____ (Bandicam Company) C:\Users\elikal\Downloads\bdcamsetup.exe
2017-05-20 04:39 - 2017-05-20 04:50 - 397720838 _____ C:\Users\elikal\Desktop\Mein Film2.mp4
2017-05-20 04:12 - 2017-05-20 04:12 - 00002792 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-05-20 04:12 - 2017-05-20 04:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-20 04:12 - 2017-05-20 04:12 - 00000000 ____D C:\Program Files\CCleaner
2017-05-20 02:46 - 2017-05-20 02:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-20 02:45 - 2017-05-20 02:45 - 00246352 _____ (Mozilla) C:\Users\elikal\Downloads\Firefox Setup Stub 53.0.2.exe
2017-05-20 02:45 - 2017-05-20 02:45 - 00246328 _____ (Mozilla) C:\Users\elikal\Downloads\Firefox Setup Stub 53.0.3.exe
2017-05-19 22:43 - 2017-05-19 22:43 - 00002169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-19 22:43 - 2017-05-19 22:43 - 00000000 ____D C:\Users\Public\Documents\Google
2017-05-19 22:40 - 2017-05-19 22:40 - 00000000 ____D C:\Program Files (x86)\MIO
2017-05-19 22:38 - 2017-05-19 22:38 - 00000000 ____D C:\Program Files\fa742xx2
2017-05-19 11:04 - 2017-05-20 02:47 - 00001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-19 11:04 - 2017-05-20 02:47 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-05-19 10:27 - 2017-05-19 10:58 - 00000000 ____D C:\Users\elikal\AppData\Roaming\Coikewardjesety
2017-05-19 10:27 - 2017-05-19 10:27 - 00005974 _____ C:\WINDOWS\System32\Tasks\Nazish Engine
2017-05-19 10:27 - 2017-05-19 10:27 - 00000000 ____D C:\Program Files (x86)\Nazish Engine
2017-05-19 10:26 - 2017-05-23 17:28 - 00000000 ____D C:\Program Files (x86)\Arucalyckeho
2017-05-19 08:51 - 2017-05-19 08:51 - 00000000 ____D C:\Users\elikal\AppData\Local\SlideshowMaker
2017-05-19 08:51 - 2017-05-19 08:51 - 00000000 ____D C:\Users\elikal\AppData\Local\Movavi
2017-05-19 08:50 - 2017-05-19 14:48 - 00000000 ____D C:\ProgramData\Movavi Slideshow Creator 2
2017-05-19 08:50 - 2017-05-19 08:50 - 00004968 _____ C:\ProgramData\mpbppaym.ztc
2017-05-19 08:50 - 2017-05-19 08:50 - 00001169 _____ C:\Users\Public\Desktop\Movavi Slideshow Maker 2.lnk
2017-05-19 08:50 - 2017-05-19 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Slideshow Maker 2
2017-05-19 08:50 - 2017-05-19 08:50 - 00000000 ____D C:\Program Files (x86)\Movavi Slideshow Maker 2
2017-05-19 08:48 - 2017-05-19 08:49 - 62034952 _____ (Movavi) C:\Users\elikal\Downloads\MovaviSlideshowMakerDistribSetupF.exe
2017-05-19 08:35 - 2017-05-19 08:35 - 00000000 ____D C:\Users\elikal\Documents\FlashIntegro
2017-05-19 08:35 - 2017-05-19 08:35 - 00000000 ____D C:\Users\elikal\AppData\Roaming\FlashIntegro
2017-05-19 08:35 - 2017-05-19 08:35 - 00000000 ____D C:\Users\elikal\AppData\Local\CrashRpt
2017-05-19 08:35 - 2017-05-12 11:38 - 00071480 _____ (Flash-Integro LLC) C:\WINDOWS\SysWOW64\mslvddsfilter3.ax
2017-05-19 08:35 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\Lagarith.dll
2017-05-19 08:35 - 2005-08-01 18:43 - 00245760 _____ () C:\WINDOWS\SysWOW64\lame.ax
2017-05-19 08:35 - 2004-09-06 15:06 - 00053248 _____ C:\WINDOWS\SysWOW64\xvid.ax
2017-05-19 08:35 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll
2017-05-19 08:35 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec.ax
2017-05-19 08:35 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll
2017-05-19 08:35 - 2003-05-21 22:50 - 00156910 _____ C:\WINDOWS\WMSysPr8.prx
2017-05-19 08:35 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\WINDOWS\SysWOW64\vct3216.acm
2017-05-19 08:35 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\WINDOWS\SysWOW64\alf2cd.acm
2017-05-19 08:35 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\L3CODECX.AX
2017-05-19 08:35 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll
2017-05-19 08:35 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\WINDOWS\SysWOW64\Scg726.acm
2017-05-19 08:33 - 2017-05-19 08:34 - 38434920 _____ (Flash-Integro LLC ) C:\Users\elikal\Downloads\video_editor.exe
2017-05-19 08:18 - 2017-05-19 08:18 - 00000000 ____D C:\Users\elikal\.MCTranscodingSDK
2017-05-19 08:16 - 2017-05-19 08:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
2017-05-19 08:16 - 2017-05-19 08:16 - 00000000 ____D C:\ProgramData\Geevs
2017-05-19 08:15 - 2017-05-19 08:19 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2017-05-19 08:14 - 2017-05-19 10:35 - 00000000 ____D C:\Program Files\Lightworks
2017-05-19 08:11 - 2017-05-19 08:13 - 90864952 _____ (EditShare) C:\Users\elikal\Downloads\lightworks_v14.0.0_full_64bit_setup.exe
2017-05-18 23:55 - 2017-05-19 09:39 - 00000000 ____D C:\Users\elikal\Desktop\Music List
2017-05-18 09:56 - 2017-05-18 09:56 - 01155072 _____ C:\WINDOWS\57388d287c280bb669c7dc574d852870.exe
2017-05-18 09:56 - 2017-05-18 09:56 - 00051620 _____ C:\WINDOWS\uninstaller.dat
2017-05-11 15:59 - 2007-04-20 16:40 - 00057344 _____ ( ) C:\WINDOWS\SysWOW64\vsnp325.dll
2017-05-11 15:59 - 2007-02-12 14:50 - 00020480 _____ () C:\WINDOWS\FixCamera.exe
2017-05-11 15:59 - 2006-07-03 10:31 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\amcap.exe
2017-05-11 15:59 - 2005-11-23 13:55 - 00053248 _____ ( ) C:\WINDOWS\SysWOW64\csnp325.dll
2017-05-11 15:58 - 2017-05-11 15:58 - 08758215 _____ C:\Users\elikal\Downloads\00011596_w98seme2000xpvista_v1_0.zip
2017-05-11 14:18 - 2017-04-28 23:15 - 07444824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-11 14:18 - 2017-04-26 16:06 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-05-11 14:18 - 2017-04-16 12:23 - 02176584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-11 14:18 - 2017-04-16 12:23 - 01662096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-11 14:18 - 2017-04-16 12:23 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-11 14:18 - 2017-04-16 12:18 - 01135288 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-11 14:18 - 2017-04-16 12:18 - 00803192 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-11 14:18 - 2017-04-16 11:07 - 01566032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-11 14:18 - 2017-04-16 11:07 - 01213792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-11 14:18 - 2017-04-16 11:07 - 00548032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-11 14:18 - 2017-04-16 11:05 - 00612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-11 14:18 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-11 14:18 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-11 14:18 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-11 14:18 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-05-11 14:18 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-05-11 14:18 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-11 14:18 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-11 14:18 - 2017-04-16 10:16 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-11 14:18 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-11 14:18 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-11 14:18 - 2017-04-16 10:02 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-11 14:18 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-11 14:18 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-11 14:18 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-05-11 14:18 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-11 14:18 - 2017-04-16 09:52 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-05-11 14:18 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-11 14:18 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-05-11 14:18 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-11 14:18 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-11 14:18 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-11 14:18 - 2017-04-16 09:40 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-11 14:18 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-11 14:18 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-11 14:18 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-11 14:18 - 2017-04-16 09:23 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-11 14:18 - 2017-04-16 09:22 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-11 14:18 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-11 14:18 - 2017-04-16 09:17 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-05-11 14:18 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-11 14:18 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-11 14:18 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-11 14:18 - 2017-04-16 09:10 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-11 14:18 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-11 14:18 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-11 14:18 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-11 14:18 - 2017-04-16 09:02 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-05-11 14:18 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-11 14:18 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-11 14:18 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-11 14:18 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-11 14:18 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-11 14:18 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-11 14:18 - 2017-04-10 00:00 - 01548640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-11 14:18 - 2017-04-10 00:00 - 00388448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-11 14:18 - 2017-04-08 01:20 - 01375960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-05-11 14:18 - 2017-04-07 15:56 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-05-11 14:18 - 2017-04-02 18:41 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-11 14:18 - 2017-04-02 18:41 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-11 14:18 - 2017-04-01 01:16 - 01968408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-11 14:18 - 2017-03-31 23:59 - 01612504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-11 14:18 - 2017-03-13 18:38 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmitomi.dll
2017-05-11 14:18 - 2017-03-13 18:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-05-11 14:18 - 2017-03-13 18:25 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-05-11 14:18 - 2017-03-13 18:13 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmitomi.dll
2017-05-11 14:18 - 2017-03-13 18:07 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-11 14:18 - 2017-03-13 18:06 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-05-11 14:18 - 2017-03-11 21:34 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-05-11 14:18 - 2017-03-11 21:32 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-05-11 14:18 - 2017-03-11 21:32 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-05-11 14:18 - 2017-03-11 20:49 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-05-11 14:18 - 2017-03-11 19:58 - 01437696 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-11 14:18 - 2017-03-11 19:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-05-11 14:18 - 2017-03-11 01:38 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-11 14:18 - 2017-03-11 01:38 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-05-11 14:18 - 2017-03-09 22:52 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-05-11 14:18 - 2017-03-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-05-11 14:18 - 2017-03-08 04:44 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-05-11 00:12 - 2017-05-21 07:50 - 00000000 ____D C:\Users\elikal\Desktop\first order
2017-05-03 06:56 - 2017-05-03 06:58 - 55880720 _____ (Softland) C:\Users\elikal\Downloads\dopdf-full.exe
2017-05-02 19:29 - 2017-05-02 19:29 - 04946582 _____ C:\Users\elikal\Downloads\sjippq.zip
2017-04-27 19:53 - 2017-04-27 19:54 - 05643260 _____ C:\Users\elikal\Downloads\betterui1.21.rar
2017-04-26 00:32 - 2017-04-26 03:00 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-04-26 00:32 - 2017-04-26 00:32 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-04-25 18:28 - 2017-04-25 19:47 - 171330228 _____ C:\Users\elikal\Downloads\Apache_OpenOffice_4.1.3_Win_x86_install_de.exe
2017-04-23 20:41 - 2017-04-23 20:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-23 20:41 - 2017-04-23 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-23 18:11 - 2016-11-11 02:49 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-23 18:07 - 2016-11-15 21:30 - 00000000 ____D C:\Users\elikal\AppData\LocalLow\Mozilla
2017-05-23 18:07 - 2013-07-30 20:08 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3363342582-2230382534-2369486391-1002
2017-05-23 18:00 - 2016-10-23 10:45 - 00000000 ____D C:\Users\elikal\Desktop\desk work
2017-05-23 18:00 - 2013-09-04 20:44 - 00000000 ___RD C:\Users\elikal\Desktop\ABLAGE II
2017-05-23 17:57 - 2013-12-04 15:40 - 00000000 ___DO C:\Users\elikal\SkyDrive
2017-05-23 17:56 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-23 17:56 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-05-23 17:55 - 2015-08-31 19:46 - 00000000 ____D C:\AdwCleaner
2017-05-23 17:55 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-05-23 17:32 - 2013-08-04 22:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 17:32 - 2013-07-31 01:25 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 15:45 - 2014-03-06 22:42 - 00003934 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{664A7BCC-F95F-4469-9DED-CD4812737E98}
2017-05-23 10:09 - 2013-09-30 06:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-23 10:09 - 2013-09-30 05:56 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-23 10:09 - 2013-09-30 05:56 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-23 00:10 - 2013-07-30 21:40 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-22 17:43 - 2015-07-21 20:40 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-22 17:21 - 2013-12-03 11:18 - 00000000 ____D C:\Users\elikal\AppData\Roaming\ClassicShell
2017-05-22 15:48 - 2013-08-03 22:24 - 00000000 ____D C:\ProgramData\Origin
2017-05-22 14:33 - 2013-08-03 22:26 - 00000000 ____D C:\Users\elikal\AppData\Roaming\Origin
2017-05-22 14:24 - 2014-01-17 01:51 - 00000000 ____D C:\Users\elikal\AppData\Local\Audible
2017-05-22 14:08 - 2013-07-30 21:29 - 00000000 ____D C:\Users\elikal\Documents\My PSP Files
2017-05-22 06:03 - 2013-08-03 22:24 - 00000000 ____D C:\Program Files (x86)\Origin
2017-05-21 07:18 - 2013-07-30 20:07 - 00000000 ____D C:\Users\elikal\AppData\Local\CrashDumps
2017-05-20 04:51 - 2013-08-16 22:59 - 00000000 ____D C:\Users\elikal\AppData\Roaming\Media Player Classic
2017-05-20 04:21 - 2014-03-28 02:19 - 00000000 ____D C:\Users\elikal\AppData\Roaming\TS3Client
2017-05-20 04:18 - 2013-12-04 15:00 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-20 03:36 - 2013-07-30 20:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-20 03:34 - 2013-12-04 15:10 - 00000000 ____D C:\Users\elikal
2017-05-20 02:27 - 2016-06-10 11:53 - 00000354 _____ C:\WINDOWS\Tasks\HPCeeScheduleForelikal.job
2017-05-20 02:13 - 2015-08-26 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-05-19 20:05 - 2016-06-10 11:53 - 00003170 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForelikal
2017-05-17 00:19 - 2015-11-28 12:56 - 00000000 ____D C:\Users\elikal\Desktop\Pagan Work
2017-05-16 18:23 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-05-13 22:33 - 2015-08-03 11:36 - 00000000 ____D C:\Users\elikal\AppData\Roaming\Skype
2017-05-13 18:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-05-13 15:15 - 2013-08-22 16:44 - 00394752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-13 15:09 - 2013-04-18 12:08 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-05-13 15:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-13 15:02 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-11 16:02 - 2013-07-30 21:29 - 00000000 ____D C:\ProgramData\InstallShield
2017-05-11 16:02 - 2013-04-18 12:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-11 16:02 - 2012-07-26 07:26 - 00000133 _____ C:\WINDOWS\win.ini
2017-05-09 13:57 - 2013-04-18 12:08 - 00000000 ____D C:\Program Files\Common Files\mcafee
2017-05-09 13:57 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-05-09 13:55 - 2016-05-26 02:23 - 00003068 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-05-09 13:55 - 2015-06-26 04:05 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-05-05 16:17 - 2014-06-27 03:30 - 00000000 ____D C:\ProgramData\Stardock
2017-05-05 16:17 - 2013-07-31 00:55 - 00000000 ____D C:\Users\elikal\Documents\my games
2017-05-05 00:32 - 2016-11-25 01:59 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-04 11:15 - 2014-08-31 20:43 - 00000000 ____D C:\Users\elikal\AppData\Local\Adobe
2017-05-04 11:04 - 2017-02-04 19:35 - 00000000 ____D C:\ProgramData\tmp
2017-05-03 07:09 - 2017-02-04 19:35 - 00000000 ____D C:\ProgramData\hps
2017-05-03 06:36 - 2014-07-29 21:05 - 00000000 ____D C:\Users\elikal\AppData\Local\Blurb
2017-05-03 06:34 - 2014-07-29 21:05 - 00000000 ____D C:\Users\elikal\Documents\Blurb
2017-04-29 00:44 - 2017-04-15 09:18 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 00:44 - 2017-04-15 09:18 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 15:39 - 2013-12-23 18:29 - 00003542 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 15:39 - 2013-12-23 18:29 - 00003414 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-26 03:00 - 2013-10-10 05:15 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-04-23 20:41 - 2015-08-03 11:36 - 00000000 ____D C:\ProgramData\Skype
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-05-19 08:03 - 2017-05-19 08:08 - 0001371 _____ () C:\Users\elikal\AppData\Roaming\vidiot.ini
2014-01-05 05:52 - 2014-02-27 17:56 - 1065984 _____ () C:\Users\elikal\AppData\Local\file__0.localstorage
2015-07-30 21:39 - 2015-07-30 21:39 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-07-13 04:04 - 2013-07-13 04:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-05-19 08:50 - 2017-05-19 08:50 - 0004968 _____ () C:\ProgramData\mpbppaym.ztc
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-23 10:12
==================== Ende von FRST.txt ============================
Geändert von MaxBerlin (23.05.2017 um 17:52 Uhr) |
| Themen zu Win 8.1 - Rightcoupon geht nicht weg - kommt mit Selbstanalyse nicht weiter |
| acer, aktivieren, anzeige, anzeigen, computer, geht nicht weg, google, klicke, mozilla, nervig, neu, neues, neustart, node.js, nvcontainer, probleme, programm, rechner, registry, safer networking, schutz, seite, seiten, spybot, startet, symbol, win, windows, windowsapps |
Baum-Darstellung