Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
durchgeführt von Zetzl (Administrator) auf ZETZL-PC (25-11-2017 15:00:30)
Gestartet von C:\Users\Zetzl\Desktop
Geladene Profile: Zetzl & NeroMediaHomeUser.4 (Verfügbare Profile: Zetzl & NeroMediaHomeUser.4)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Mein Büro Mobile Connector\deltra.ERP\Deltra.Erp.Host.WinService.exe
() C:\Program Files (x86)\Mein Büro Mobile Connector\Deltra.ERP-Guardian\ErpApiGuardian.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Firebird Project) C:\Program Files (x86)\Buhl\Firebird-Server MB\bin\fbguard.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) C:\ElsaWin\bin\LcSvrSaz.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Deutsche Telekom AG) C:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
() C:\Program Files (x86)\T-Mobile\Data Sync\Voxsync.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
() C:\Windows\SysWOW64\spdsvc.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\T-Mobile\Data Sync\SyncManager.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Firebird Project) C:\Program Files (x86)\Buhl\Firebird-Server MB\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(ESET spol. s r.o.) C:\Users\Zetzl\Downloads\ESETOnlineScanner_DEU.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
(Opera Software) C:\Program Files\Opera\49.0.2725.47\opera.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2017-11-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [BCSSync] => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1171480 2017-09-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.)
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [4891944 2009-06-23] (Nero AG)
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [DivXUpdate] => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [CanonMyPrinter] => C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE [195240 2015-07-22] (Microsoft Corporation)
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [179976 2013-09-02] (cyberlink)
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-173452848-277635055-2821355942-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-173452848-277635055-2821355942-1001\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ACHTUNG
HKU\S-1-5-21-173452848-277635055-2821355942-1005\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-173452848-277635055-2821355942-1005\...\MountPoints2: F - F:\Bin\ASSETUP.exe
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Data Sync.lnk [2012-05-10]
ShortcutTarget: Data Sync.lnk -> C:\Program Files (x86)\T-Mobile\Data Sync\Voxsync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-03-05]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2016-10-21]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Zetzl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2010-03-27]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung <==== ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
AutoConfigURL: [S-1-5-21-173452848-277635055-2821355942-1001] => hxxp://webunlimitedaccess.com/wpad.dat?8e7dd126b866679bee49c022c59ad5b236253111
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{E6EB9509-9A8C-4FF5-BEF2-0CBFEB84E8CD}: [DhcpNameServer] 192.168.178.1
ManualProxies: 0hxxp://webunlimitedaccess.com/wpad.dat?8e7dd126b866679bee49c022c59ad5b236253111
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-173452848-277635055-2821355942-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-173452848-277635055-2821355942-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-173452848-277635055-2821355942-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 -> Standard = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-173452848-277635055-2821355942-1001 - (Kein Name) - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - Keine Datei
URLSearchHook: HKU\S-1-5-21-173452848-277635055-2821355942-1005 - (Kein Name) - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - Keine Datei
URLSearchHook: HKU\S-1-5-21-173452848-277635055-2821355942-1005 - (Kein Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - Keine Datei
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
SearchScopes: HKU\.DEFAULT -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1001 -> Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1001 -> {57E25893-1AF2-4766-B401-0ACC7A56836D} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A010DE739&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1005 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1005 -> Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1005 -> {1F0C0E4A-72C8-4560-9612-27AD083921F1} URL = hxxp://webtip.ch/cgi-bin/amz_track/tracker_de.pl?loc=search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1005 -> {47F43F50-68E2-4F28-B949-26EE0EC9C505} URL = hxxp://www.buyertools.net/cgi-bin/preispiraten_de/nph.fcgi?qry_str={searchTerms}&category=deutsch&how=and&searchtype=simple&Web=on&wiki_tab=on&wiki_tab_old=+CHECKED&ebay_tab=on&ebay_tab_old=+CHECKED&shoppingcom_tab=on&shoppingcom_tab_old=+CHECKED&pirat_tab=on&pirat_tab_old=+CHECKED&JavaScript=enabled&submit=SUCHEN
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1005 -> {57E25893-1AF2-4766-B401-0ACC7A56836D} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A010DE739&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1005 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}
SearchScopes: HKU\S-1-5-21-173452848-277635055-2821355942-1005 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-22] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-18] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-07-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-18] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-07-22] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> Keine Datei
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-18] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-18] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH)
Toolbar: HKLM - Kein Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Keine Datei
Toolbar: HKLM - Kein Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Keine Datei
Toolbar: HKLM-x32 - Kein Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - Keine Datei
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-173452848-277635055-2821355942-1001 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Keine Datei
Toolbar: HKU\S-1-5-21-173452848-277635055-2821355942-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-173452848-277635055-2821355942-1005 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Keine Datei
DPF: HKLM-x32 {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} hxxp://www.myheritage.de/Genoogle/Components/ActiveX/SearchEngineQuery.dll
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-22] (Microsoft Corporation)
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF ProfilePath: C:\Users\Zetzl\AppData\Roaming\Mozilla\Firefox\Profiles\lsbn50g9.default [2017-10-24]
FF Extension: (Avira Browser Safety) - C:\Users\Zetzl\AppData\Roaming\Mozilla\Firefox\Profiles\lsbn50g9.default\Extensions\abs@avira.com [2016-10-08]
FF Extension: (Amazon-Icon) - C:\Users\Zetzl\AppData\Roaming\Mozilla\Firefox\Profiles\lsbn50g9.default\Extensions\amazon-icon@giga.de [2015-01-31] [Lagacy] [ist nicht signiert]
FF Extension: (Amazon Startcenter) - C:\Users\Zetzl\AppData\Roaming\Mozilla\Firefox\Profiles\lsbn50g9.default\Extensions\{144D1513-0819-4538-AD26-D515AF443AE7} [2016-01-11] [Lagacy]
FF Extension: (Amazon Statusbar Button) - C:\Users\Zetzl\AppData\Roaming\Mozilla\Firefox\Profiles\lsbn50g9.default\Extensions\{32DD6873-2BC0-4E4B-B9A3-0E602AB0DC14} [2016-01-11] [Lagacy]
FF Extension: (New Tab) - C:\Users\Zetzl\AppData\Roaming\Mozilla\Firefox\Profiles\lsbn50g9.default\Extensions\{5042dc15-c9d2-453a-914d-4a5b9584ecf4}.xpi [2014-11-28] [Lagacy] [ist nicht signiert]
FF Extension: (Preispiraten) - C:\Users\Zetzl\AppData\Roaming\Mozilla\Firefox\Profiles\lsbn50g9.default\Extensions\{C8D3D3BE-7ADC-4109-BF8C-6330A9F58B0C} [2016-01-13] [Lagacy]
FF Extension: (Adblock Plus) - C:\Users\Zetzl\AppData\Roaming\Mozilla\Firefox\Profiles\lsbn50g9.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01] [Lagacy]
FF ProfilePath: C:\Users\Zetzl\AppData\Roaming\Marmiko IT-Solutions GmbH\Browser 7\Profiles\c4d7i4ob.default [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-01-27] [Lagacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [Keine Datei]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-02-03] ( Sanford L.P.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-18] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2010-03-19] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-06-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-06-28] (Google Inc.)
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll [Keine Datei]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-173452848-277635055-2821355942-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Zetzl\AppData\Local\Google\Chrome\User Data\Default [2017-11-25]
CHR Extension: (Skype) - C:\Users\Zetzl\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-09-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Zetzl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-22]
CHR Extension: (Amazon) - C:\Users\Zetzl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2017-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Zetzl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Zetzl\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-01-31]
Opera:
=======
OPR StartupUrls: "hxxp://google.de/"
OPR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\Zetzl\AppData\Roaming\Opera Software\Opera Stable\Extensions\hmffjpdmbgflojiohllanjaggdenggdo [2016-11-14]
OPR Extension: (Amazon Assistant for Opera) - C:\Users\Zetzl\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2017-10-13]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 BuhlERP; C:\Program Files (x86)\Mein Büro Mobile Connector\Deltra.ERP\Deltra.Erp.Host.WinService.exe [11672 2015-10-29] ()
R2 BuhlERPGuardian; C:\Program Files (x86)\Mein Büro Mobile Connector\Deltra.ERP-Guardian\ErpApiGuardian.exe [17304 2015-07-23] ()
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [604216 2017-02-01] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-06] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-11-13] (Dropbox, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3885592 2017-03-03] (devolo AG)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2014-02-03] (Sanford, L.P.)
R2 FirebirdGuardianbuhlMB; C:\Program Files (x86)\Buhl\Firebird-Server MB\bin\fbguard.exe [98304 2017-08-15] (Firebird Project) [Datei ist nicht signiert]
R3 FirebirdServerbuhlMB; C:\Program Files (x86)\Buhl\Firebird-Server MB\bin\fbserver.exe [3825664 2017-08-15] (Firebird Project) [Datei ist nicht signiert]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-11-14] (Freemake) [Datei ist nicht signiert]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [Datei ist nicht signiert]
R2 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [Datei ist nicht signiert]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [Datei ist nicht signiert]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [Datei ist nicht signiert]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [Datei ist nicht signiert]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MCSWASVR; C:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe [12800 2012-08-13] (Deutsche Telekom AG) [Datei ist nicht signiert]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [259368 2009-06-23] (Nero AG)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [Datei ist nicht signiert]
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] () [Datei ist nicht signiert]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 PxDMSService; C:\Program Files (x86)\PIXELA\Network Utility\PxDMSService.exe [179576 2011-10-26] (PIXELA CORPORATION)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [633024 2015-02-04] (Samsung Electronics Co., Ltd.)
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [507184 2017-08-31] ()
S3 Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [161448 2009-03-24] (Samsung Electronics CO., LTD.) [Datei ist nicht signiert]
R2 SamsungCloudPrintSvc; C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe [1000872 2017-06-19] ()
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-10-21] ()
S4 StarMoney 10 OnlineUpdate; C:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 11 OnlineUpdate; C:\Program Files (x86)\StarMoney 11\ouservice\StarMoneyOnlineUpdate.exe [701552 2017-07-06] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 SpeedupService; "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-18] (Avira Operations GmbH & Co. KG)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [59904 2015-01-25] (www.winchiphead.com)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2006-06-12] (Samsung Electronics Co., Ltd.) [Datei ist nicht signiert]
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S4 LMIRfsClientNP; kein ImagePath
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2017-11-25] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [36496 2017-03-03] (Riverbed Technology, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-03-21] (Duplex Secure Ltd.)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 usbcamcl; C:\Windows\System32\DRIVERS\usbcamcl.sys [54088 2010-11-24] (usb camera)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [151184 2016-03-10] (MBB)
U3 afit9smj; C:\Windows\System32\Drivers\afit9smj.sys [0 ] (JMicron Technology Corp.) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 ALSysIO; \??\C:\Users\Zetzl\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
U0 aswVmm; kein ImagePath
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfoX64.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 DCamUSBSTK02N; system32\DRIVERS\STK02NW2.sys [X]
S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [X]
S1 eoovtbsm; \??\C:\Windows\system32\drivers\eoovtbsm.sys [X]
S3 getbus; \??\C:\Users\Zetzl\AppData\Local\Temp\getbus.sys [X] <==== ACHTUNG
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 NVNET; system32\DRIVERS\nvmf6264.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
U2 V2iMount; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-25 15:00 - 2017-11-25 15:00 - 000038634 _____ C:\Users\Zetzl\Desktop\FRST.txt
2017-11-25 14:57 - 2017-11-25 15:00 - 000000000 ____D C:\FRST
2017-11-25 14:56 - 2017-11-25 14:57 - 002393088 _____ (Farbar) C:\Users\Zetzl\Desktop\FRST64.exe
2017-11-25 13:53 - 2017-11-25 13:53 - 000000000 ____D C:\Users\Zetzl\AppData\Local\ESET
2017-11-25 13:52 - 2017-11-25 13:53 - 006974584 _____ (ESET spol. s r.o.) C:\Users\Zetzl\Downloads\ESETOnlineScanner_DEU.exe
2017-11-25 13:50 - 2017-11-25 13:50 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-11-25 13:11 - 2017-11-25 13:11 - 000001690 _____ C:\Users\Public\Desktop\Defraggler.lnk
2017-11-25 13:11 - 2017-11-25 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2017-11-25 13:11 - 2017-11-25 13:11 - 000000000 ____D C:\Program Files\Defraggler
2017-11-25 13:10 - 2017-11-25 13:10 - 004619752 _____ (Piriform Ltd) C:\Users\Zetzl\Downloads\dfsetup221.exe
2017-11-25 13:00 - 2017-11-25 13:00 - 008261584 _____ (Malwarebytes) C:\Users\Zetzl\Desktop\adwcleaner_7.0.4.0.exe
2017-11-25 12:58 - 2017-11-25 12:58 - 000002114 _____ C:\Users\Zetzl\Desktop\MagentaCLOUD.lnk
2017-11-25 12:58 - 2017-11-25 12:58 - 000000000 ____D C:\Users\Zetzl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telekom
2017-11-25 12:58 - 2017-11-25 12:58 - 000000000 ____D C:\Program Files (x86)\Telekom
2017-11-25 12:51 - 2017-11-25 12:51 - 000000085 _____ C:\Windows\wininit.ini
2017-11-25 12:50 - 2017-11-25 12:50 - 000000000 ____D C:\Users\Zetzl\Desktop\ReVo
2017-11-25 12:19 - 2017-11-25 12:19 - 000272640 _____ C:\Windows\Minidump\112517-20670-01.dmp
2017-11-25 12:08 - 2017-11-25 12:08 - 000001874 _____ C:\Users\Zetzl\Desktop\mbam log.txt
2017-11-24 07:18 - 2017-11-24 07:18 - 019103594 _____ C:\Users\Zetzl\Downloads\20171124_WN_Gesamtausgabe.pdf
2017-11-23 18:00 - 2017-11-23 18:00 - 000476578 _____ C:\Users\Zetzl\DHL Bestätigung.pdf
2017-11-23 07:01 - 2017-11-23 07:01 - 014104118 _____ C:\Users\Zetzl\Downloads\20171123_WN_Gesamtausgabe.pdf
2017-11-23 07:01 - 2017-11-23 07:01 - 012837249 _____ C:\Users\Zetzl\Downloads\20171122_WN_Gesamtausgabe (1).pdf
2017-11-22 23:24 - 2017-11-22 23:25 - 000430233 _____ C:\Users\Zetzl\Rechnung Nr. 2017110028.pdf
2017-11-22 22:40 - 2017-11-22 22:40 - 000431600 _____ C:\Users\Zetzl\Rechnung Nr. 2017110027.pdf
2017-11-22 17:06 - 2017-11-22 17:06 - 000384048 _____ C:\Users\Zetzl\Downloads\2040.pdf
2017-11-22 17:05 - 2017-11-22 17:05 - 000132343 _____ C:\Users\Zetzl\Downloads\1748.pdf
2017-11-22 17:03 - 2017-11-22 17:03 - 000394478 _____ C:\Users\Zetzl\Downloads\3616.pdf
2017-11-22 07:00 - 2017-11-22 07:00 - 012837249 _____ C:\Users\Zetzl\Downloads\20171122_WN_Gesamtausgabe.pdf
2017-11-22 07:00 - 2017-11-22 07:00 - 000110300 _____ C:\Users\Zetzl\Downloads\Kreditkartenabrechnung-2017-11-14.pdf
2017-11-21 23:09 - 2017-11-21 23:09 - 000433662 _____ C:\Users\Zetzl\Rechnung Nr. 2017110022.pdf
2017-11-21 22:04 - 2017-11-21 22:04 - 000430205 _____ C:\Users\Zetzl\Rechnung Nr. 2017110026.pdf
2017-11-21 21:40 - 2017-11-21 21:40 - 000428723 _____ C:\Users\Zetzl\Rechnung Nr. 2017110025.pdf
2017-11-21 06:54 - 2017-11-21 06:54 - 025260812 _____ C:\Users\Zetzl\Downloads\20171121_WN_Gesamtausgabe.pdf
2017-11-21 06:52 - 2017-11-21 06:52 - 000001086 _____ C:\Users\Public\Desktop\Avira.lnk
2017-11-20 20:07 - 2017-11-20 20:07 - 000147484 _____ C:\Users\Zetzl\Downloads\DHL_label_2017-11-20_20_8_30.pdf
2017-11-20 15:33 - 2017-11-20 15:33 - 000104490 _____ C:\Users\Zetzl\Downloads\1357.pdf
2017-11-20 15:31 - 2017-11-20 15:31 - 000210378 _____ C:\Users\Zetzl\Downloads\3169.pdf
2017-11-20 06:53 - 2017-11-20 06:53 - 049102725 _____ C:\Users\Zetzl\Downloads\20171118_WN_Gesamtausgabe.pdf
2017-11-20 06:53 - 2017-11-20 06:53 - 011205952 _____ C:\Users\Zetzl\Downloads\20171120_WN_Gesamtausgabe.pdf
2017-11-19 19:48 - 2017-11-19 19:48 - 000047720 _____ C:\Users\Zetzl\Downloads\brands4friends_rechnung_768424203_21102017_021015 (1).pdf
2017-11-19 19:33 - 2017-11-19 19:33 - 000122728 _____ C:\Users\Zetzl\Downloads\13104011525212.pdf
2017-11-19 17:15 - 2017-11-19 17:15 - 000428724 _____ C:\Users\Zetzl\Rechnung Nr. 2017110024.pdf
2017-11-19 14:18 - 2017-11-19 14:18 - 000050479 _____ C:\Users\Zetzl\Downloads\1301276_2017_Nr.010_Kontoauszug_vom_31.10.2017_20171119021922.pdf
2017-11-19 14:17 - 2017-11-19 14:17 - 000060778 _____ C:\Users\Zetzl\Downloads\1324411_2017_Nr.010_Kontoauszug_vom_31.10.2017_20171119021908.pdf
2017-11-17 23:47 - 2017-11-21 06:52 - 000003122 _____ C:\Windows\System32\Tasks\Avira SystrayStartTrigger
2017-11-17 22:44 - 2017-11-17 22:44 - 000388608 _____ (Trend Micro Inc.) C:\Users\Zetzl\HijackThis_2.0.5.exe
2017-11-17 22:38 - 2017-11-25 12:51 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-11-17 22:38 - 2017-11-25 12:51 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-11-17 22:36 - 2017-11-17 22:36 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\Zetzl\spybotsd-2.6.46.exe
2017-11-17 22:34 - 2017-11-17 22:34 - 003167552 _____ (Avira Operations GmbH & Co. KG) C:\Users\Zetzl\avira_registry_cleaner_de.exe
2017-11-17 22:30 - 2017-11-17 22:30 - 000367616 _____ (Avira GmbH) C:\Users\Zetzl\removaltool-win32-de18.exe
2017-11-17 16:51 - 2017-11-17 16:52 - 000428872 _____ C:\Users\Zetzl\Rechnung Nr. 2017110021.pdf
2017-11-17 07:02 - 2017-11-17 07:02 - 012985889 _____ C:\Users\Zetzl\Downloads\20171116_WN_Gesamtausgabe.pdf
2017-11-17 06:46 - 2017-11-17 06:46 - 012217423 _____ C:\Users\Zetzl\Downloads\20171117_WN_Gesamtausgabe.pdf
2017-11-16 18:03 - 2017-11-16 18:03 - 000452560 _____ C:\Users\Zetzl\Downloads\man_avira_antivir-removaltool_de.pdf
2017-11-16 17:51 - 2017-11-16 17:51 - 008261584 _____ (Malwarebytes) C:\Users\Zetzl\adwcleaner_7.0.4.0 (1).exe
2017-11-16 16:31 - 2017-11-16 16:31 - 000389320 _____ C:\Users\Zetzl\Downloads\3612 (2).pdf
2017-11-16 16:18 - 2017-11-16 16:18 - 000150157 _____ C:\Users\Zetzl\Downloads\DHL_label_2017-11-16_16_19_59.pdf
2017-11-16 16:02 - 2017-11-16 16:02 - 000010338 _____ C:\Users\Zetzl\Downloads\Ihre Retourenmarke.pdf
2017-11-16 15:37 - 2017-11-16 15:37 - 000442662 _____ C:\Users\Zetzl\Downloads\3612 (1).pdf
2017-11-16 15:36 - 2017-11-16 15:36 - 000389320 _____ C:\Users\Zetzl\Downloads\3612.pdf
2017-11-16 15:33 - 2017-11-16 15:33 - 000262304 _____ C:\Users\Zetzl\Downloads\3611.pdf
2017-11-16 15:32 - 2017-11-16 15:32 - 000174544 _____ C:\Users\Zetzl\Downloads\3606.pdf
2017-11-15 23:30 - 2017-11-15 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-11-15 13:00 - 2017-10-18 08:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-15 13:00 - 2017-10-18 07:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-15 13:00 - 2017-10-18 03:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-15 13:00 - 2017-10-18 03:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-15 13:00 - 2017-10-18 03:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-15 13:00 - 2017-10-18 03:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-15 13:00 - 2017-10-18 03:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-15 13:00 - 2017-10-18 03:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-15 13:00 - 2017-10-18 03:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-15 13:00 - 2017-10-17 00:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-15 13:00 - 2017-10-16 23:34 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-15 13:00 - 2017-10-16 22:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-15 13:00 - 2017-10-14 09:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-15 13:00 - 2017-10-14 09:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-15 13:00 - 2017-10-14 09:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-15 13:00 - 2017-10-14 09:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-15 13:00 - 2017-10-14 09:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-15 13:00 - 2017-10-14 09:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-15 13:00 - 2017-10-14 09:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-15 13:00 - 2017-10-14 09:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-15 13:00 - 2017-10-14 09:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-15 13:00 - 2017-10-14 09:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-15 13:00 - 2017-10-14 09:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-15 13:00 - 2017-10-14 09:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-15 13:00 - 2017-10-14 09:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-15 13:00 - 2017-10-14 09:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-15 13:00 - 2017-10-14 09:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-15 13:00 - 2017-10-14 09:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-15 13:00 - 2017-10-14 09:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-15 13:00 - 2017-10-14 08:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-15 13:00 - 2017-10-14 08:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-15 13:00 - 2017-10-14 08:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-15 13:00 - 2017-10-14 08:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-15 13:00 - 2017-10-14 08:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-15 13:00 - 2017-10-14 08:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-15 13:00 - 2017-10-14 08:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-15 13:00 - 2017-10-14 08:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-15 13:00 - 2017-10-14 08:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-15 13:00 - 2017-10-14 08:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-15 13:00 - 2017-10-14 08:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-15 13:00 - 2017-10-14 08:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-15 13:00 - 2017-10-14 08:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-15 13:00 - 2017-10-14 08:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-15 13:00 - 2017-10-14 08:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-15 13:00 - 2017-10-14 08:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-15 13:00 - 2017-10-14 08:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-15 13:00 - 2017-10-14 08:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-15 13:00 - 2017-10-14 08:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-11-15 13:00 - 2017-10-14 07:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-15 13:00 - 2017-10-14 07:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-15 13:00 - 2017-10-14 07:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-11-15 13:00 - 2017-10-14 07:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-11-15 13:00 - 2017-10-14 07:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-11-15 13:00 - 2017-10-14 07:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-11-15 13:00 - 2017-10-14 07:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-15 13:00 - 2017-10-14 07:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-11-15 13:00 - 2017-10-14 07:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-11-15 13:00 - 2017-10-14 07:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-11-15 13:00 - 2017-10-14 07:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-15 13:00 - 2017-10-14 07:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-11-15 13:00 - 2017-10-14 07:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-11-15 13:00 - 2017-10-14 07:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-11-15 13:00 - 2017-10-14 07:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-11-15 13:00 - 2017-10-14 07:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-11-15 13:00 - 2017-10-14 07:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-11-15 13:00 - 2017-10-14 07:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-15 13:00 - 2017-10-14 07:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-11-15 13:00 - 2017-10-14 07:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-11-15 13:00 - 2017-10-14 07:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-11-15 13:00 - 2017-10-14 07:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-11-15 13:00 - 2017-10-14 07:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-15 13:00 - 2017-10-14 07:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-15 13:00 - 2017-10-14 07:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-15 13:00 - 2017-10-14 07:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-15 13:00 - 2017-10-14 07:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-11-15 13:00 - 2017-10-14 07:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-15 13:00 - 2017-10-14 07:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-15 13:00 - 2017-10-14 07:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-15 13:00 - 2017-10-12 01:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-15 13:00 - 2017-10-12 01:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-15 13:00 - 2017-10-12 01:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-15 13:00 - 2017-10-12 01:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-15 13:00 - 2017-10-12 01:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-11-15 13:00 - 2017-10-12 01:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-15 13:00 - 2017-10-12 01:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-15 13:00 - 2017-10-12 01:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-15 13:00 - 2017-10-12 01:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-11-15 13:00 - 2017-10-12 01:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-11-15 13:00 - 2017-10-12 01:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-11-15 13:00 - 2017-10-12 01:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-11-15 13:00 - 2017-10-12 01:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-11-15 13:00 - 2017-10-12 01:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-11-15 13:00 - 2017-10-12 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-11-15 13:00 - 2017-10-12 01:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-11-15 13:00 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-11-15 13:00 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-11-15 13:00 - 2017-10-12 01:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-15 13:00 - 2017-10-12 01:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-11-15 12:59 - 2017-10-18 03:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-15 12:59 - 2017-10-18 03:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-15 12:59 - 2017-10-15 23:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-15 12:59 - 2017-10-04 14:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-15 12:59 - 2017-10-04 14:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-15 12:59 - 2017-10-04 14:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-15 12:59 - 2017-10-04 14:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-15 12:59 - 2017-10-04 14:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-15 12:59 - 2017-10-04 14:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-15 12:59 - 2017-10-04 14:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-14 21:11 - 2017-11-14 21:11 - 000194146 _____ C:\Users\Zetzl\Downloads\DHL_label_2017-11-14_21_13_8.pdf
2017-11-14 06:45 - 2017-11-14 06:45 - 020002683 _____ C:\Users\Zetzl\Downloads\20171114_WN_Gesamtausgabe.pdf
2017-11-13 20:09 - 2017-11-13 20:09 - 000428843 _____ C:\Users\Zetzl\Rechnung Nr. 2017110019.pdf
2017-11-13 11:26 - 2017-11-13 11:26 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-11-13 11:26 - 2017-11-13 11:26 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-11-13 11:26 - 2017-11-13 11:26 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-11-13 11:26 - 2017-11-13 11:26 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-11-13 07:11 - 2017-11-13 07:11 - 032763275 _____ C:\Users\Zetzl\Downloads\20171111_WN_Gesamtausgabe.pdf
2017-11-13 07:11 - 2017-11-13 07:11 - 011383123 _____ C:\Users\Zetzl\Downloads\20171113_WN_Gesamtausgabe.pdf
2017-11-12 18:32 - 2017-11-12 18:32 - 000504919 _____ C:\Users\Zetzl\Downloads\3609.pdf
2017-11-12 18:30 - 2017-11-12 18:30 - 000419161 _____ C:\Users\Zetzl\Downloads\3607.pdf
2017-11-12 16:05 - 2017-11-23 20:12 - 000003856 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1510499107
2017-11-12 16:05 - 2017-11-23 20:12 - 000000000 ____D C:\Program Files\Opera
2017-11-12 16:05 - 2017-11-12 16:05 - 000001059 _____ C:\Users\Public\Desktop\Opera-Browser.lnk
2017-11-12 16:05 - 2017-11-12 16:05 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2017-11-12 13:31 - 2017-11-12 13:31 - 000000000 ____D C:\Users\Zetzl\AppData\OICE_15_974FA576_32C1D314_CF6
2017-11-11 18:02 - 2017-11-12 17:55 - 000428655 _____ C:\Users\Zetzl\Rechnung Nr. 2017110016.pdf
2017-11-11 16:32 - 2017-11-11 16:32 - 000430244 _____ C:\Users\Zetzl\Rechnung Nr. 2017110013.pdf
2017-11-11 16:17 - 2017-11-11 18:10 - 000428809 _____ C:\Users\Zetzl\Rechnung Nr. 2017110014.pdf
2017-11-11 13:45 - 2017-11-11 13:45 - 000008562 _____ C:\Users\Zetzl\Desktop\JRT.txt
2017-11-11 13:37 - 2017-11-11 13:37 - 000001833 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-11 13:37 - 2017-11-11 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-11 13:37 - 2017-11-11 13:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-11 13:37 - 2017-11-11 13:37 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-11 13:37 - 2017-11-01 08:54 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-11-11 13:33 - 2017-11-11 13:33 - 001790024 _____ (Malwarebytes) C:\Users\Zetzl\JRT.exe
2017-11-10 23:07 - 2017-11-10 23:07 - 000085056 _____ C:\Users\Zetzl\Bewerbungsformular-HML-Heilbronn-2018.pdf
2017-11-10 12:13 - 2017-11-10 12:13 - 000431637 _____ C:\Users\Zetzl\Rechnung Nr. 2017110012.pdf
2017-11-10 07:07 - 2017-11-10 07:07 - 024236463 _____ C:\Users\Zetzl\Downloads\20171110_WN_Gesamtausgabe.pdf
2017-11-10 07:07 - 2017-11-10 07:07 - 011127294 _____ C:\Users\Zetzl\Downloads\20171109_WN_Gesamtausgabe.pdf
2017-11-09 19:48 - 2017-11-09 19:48 - 000147582 _____ C:\Users\Zetzl\Downloads\DHL_label_2017-11-9_19-50-8.pdf
2017-11-09 12:44 - 2017-11-09 12:44 - 000428736 _____ C:\Users\Zetzl\Rechnung Nr. 2017110010.pdf
2017-11-09 12:42 - 2017-11-09 12:42 - 000113561 _____ C:\Users\Zetzl\Abrechnung 2016 Photovoltaik.pdf
2017-11-09 12:41 - 2017-11-09 12:41 - 000113561 _____ C:\Users\Zetzl\Downloads\ISU241101129876 (1).pdf
2017-11-08 06:52 - 2017-11-08 06:52 - 012469576 _____ C:\Users\Zetzl\Downloads\20171108_WN_Gesamtausgabe.pdf
2017-11-07 21:12 - 2017-11-07 21:12 - 008261584 _____ (Malwarebytes) C:\Users\Zetzl\Documents\adwcleaner_7.0.4.0.exe
2017-11-07 06:58 - 2017-11-07 06:58 - 030470814 _____ C:\Users\Zetzl\Downloads\20171104_WN_Gesamtausgabe.pdf
2017-11-07 06:58 - 2017-11-07 06:58 - 010893789 _____ C:\Users\Zetzl\Downloads\20171106_WN_Gesamtausgabe.pdf
2017-11-07 06:58 - 2017-11-07 06:58 - 010055952 _____ C:\Users\Zetzl\Downloads\20171103_WN_Gesamtausgabe.pdf
2017-11-07 06:57 - 2017-11-07 06:57 - 020178013 _____ C:\Users\Zetzl\Downloads\20171107_WN_Gesamtausgabe.pdf
2017-11-06 22:00 - 2017-11-06 22:00 - 000148786 _____ C:\Users\Zetzl\Downloads\DHL_label_2017-11-6_22-1-41.pdf
2017-11-06 21:58 - 2017-11-06 21:58 - 000148057 _____ C:\Users\Zetzl\Downloads\DHL_label_2017-11-6_21-59-20.pdf
2017-11-06 21:03 - 2017-11-06 21:03 - 000428653 _____ C:\Users\Zetzl\Rechnung Nr. 2017110007.pdf
2017-11-05 23:04 - 2017-11-05 23:04 - 000428682 _____ C:\Users\Zetzl\Rechnung Nr. 2017110006.pdf
2017-11-05 22:49 - 2017-11-05 22:49 - 000205259 _____ C:\Users\Zetzl\Downloads\Rechnung_764622.pdf
2017-11-02 19:20 - 2017-11-02 19:20 - 000054622 _____ C:\Users\Zetzl\Downloads\0155.pdf
2017-11-02 19:19 - 2017-11-02 19:19 - 000211583 _____ C:\Users\Zetzl\Downloads\0002.pdf
2017-11-02 19:14 - 2017-11-02 19:14 - 000060747 _____ C:\Users\Zetzl\Downloads\0579.pdf
2017-11-02 19:13 - 2017-11-02 19:13 - 000033102 _____ C:\Users\Zetzl\Downloads\0001.pdf
2017-11-02 12:54 - 2017-11-02 12:54 - 000043800 _____ C:\Users\Zetzl\Downloads\Rechnung_12122.pdf
2017-11-02 10:56 - 2017-11-02 10:56 - 000124324 _____ C:\Users\Zetzl\Downloads\13104011495174.pdf
2017-11-02 08:12 - 2017-11-02 08:12 - 012042051 _____ C:\Users\Zetzl\Downloads\20171102_WN_Gesamtausgabe.pdf
2017-11-01 22:47 - 2017-11-01 22:47 - 000428606 _____ C:\Users\Zetzl\Rechnung Nr. 2017110001.pdf
2017-11-01 13:09 - 2017-11-01 13:08 - 000966776 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Zetzl\rufus-2.17.exe
2017-11-01 13:07 - 2017-11-01 13:10 - 000000306 __RSH C:\ProgramData\ntuser.pol
2017-10-31 20:03 - 2017-10-31 20:03 - 000428648 _____ C:\Users\Zetzl\Rechnung Nr. 2017100036.pdf
2017-10-30 19:20 - 2017-10-30 19:20 - 002431814 _____ C:\Users\Zetzl\GU_Shirt_Stick2_ansicht3.pdf
2017-10-30 10:21 - 2017-10-30 10:21 - 035636041 _____ C:\Users\Zetzl\Downloads\20171030_WN_Gesamtausgabe.pdf
2017-10-29 07:13 - 2017-11-25 12:42 - 000505980 _____ C:\Windows\ntbtlog.txt
2017-10-28 14:23 - 2017-10-28 14:23 - 008261584 _____ (Malwarebytes) C:\Users\Zetzl\adwcleaner_7.0.4.0.exe
2017-10-28 14:23 - 2017-10-28 14:23 - 008250832 _____ (Malwarebytes) C:\Users\Zetzl\adwcleaner_7.0.3.1.exe
2017-10-28 14:14 - 2017-10-28 14:14 - 000428887 _____ C:\Users\Zetzl\Rechnung Nr. 2017100035.pdf
2017-10-28 14:13 - 2017-10-28 14:13 - 035389789 _____ C:\Users\Zetzl\Downloads\20171028_WN_Gesamtausgabe.pdf
2017-10-27 21:08 - 2017-10-27 21:08 - 000428748 _____ C:\Users\Zetzl\Downloads\Rechnung-Nr.-2017040023 (1).pdf
2017-10-27 21:07 - 2017-10-27 21:07 - 000428748 _____ C:\Users\Zetzl\Downloads\Rechnung-Nr.-2017040023.pdf
2017-10-27 10:57 - 2017-10-27 11:20 - 000428870 _____ C:\Users\Zetzl\Rechnung Nr. 2017100034.pdf
2017-10-27 10:53 - 2017-10-27 10:53 - 000430595 _____ C:\Users\Zetzl\Rechnung Nr. 2017070013.pdf
2017-10-27 06:18 - 2017-09-07 14:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-10-27 06:18 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-10-27 05:49 - 2017-10-27 05:49 - 014206993 _____ C:\Users\Zetzl\Downloads\20171027_WN_Gesamtausgabe.pdf
2017-10-26 06:00 - 2017-10-26 06:00 - 015548211 _____ C:\Users\Zetzl\Downloads\20171026_WN_Gesamtausgabe.pdf
2017-10-26 06:00 - 2017-10-26 06:00 - 015548211 _____ C:\Users\Zetzl\Downloads\20171026_WN_Gesamtausgabe (1).pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-25 14:42 - 2016-01-06 17:33 - 000001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-11-25 13:57 - 2009-07-14 05:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-25 13:57 - 2009-07-14 05:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-25 13:49 - 2016-01-06 17:33 - 000001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-11-25 13:49 - 2014-09-04 09:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2017-11-25 13:49 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-25 13:09 - 2010-03-27 22:57 - 000000000 ____D C:\Windows\pss
2017-11-25 13:07 - 2014-09-04 09:02 - 000000000 ____D C:\Users\Zetzl\AppData\Roaming\Raptr
2017-11-25 13:07 - 2014-01-19 19:48 - 000000000 ___RD C:\Users\Zetzl\Mediencenter
2017-11-25 13:06 - 2012-12-01 19:37 - 000000000 ____D C:\Users\NeroMediaHomeUser.4.Zetzl-PC
2017-11-25 13:03 - 2016-10-31 20:26 - 000000000 ____D C:\AdwCleaner
2017-11-25 12:58 - 2014-01-19 19:47 - 000000000 ____D C:\Users\Zetzl\AppData\Roaming\Telekom
2017-11-25 12:57 - 2014-11-04 19:52 - 000000000 ____D C:\ProgramData\firebird
2017-11-25 12:54 - 2010-03-28 10:01 - 000000000 ____D C:\Users\Zetzl\AppData\Roaming\ICQ
2017-11-25 12:52 - 2010-03-27 20:46 - 000000000 ____D C:\Users\Zetzl\AppData\Roaming\Skype
2017-11-25 12:32 - 2012-03-16 19:26 - 000000000 ____D C:\Program Files (x86)\DVDVideoSoft
2017-11-25 12:20 - 2016-10-26 10:20 - 000000000 ____D C:\Users\Public\Speedup Sessions
2017-11-25 12:20 - 2009-07-14 18:58 - 000702942 _____ C:\Windows\system32\perfh007.dat
2017-11-25 12:20 - 2009-07-14 18:58 - 000150582 _____ C:\Windows\system32\perfc007.dat
2017-11-25 12:20 - 2009-07-14 06:13 - 001629348 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-25 12:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-25 12:19 - 2017-09-11 17:01 - 419199227 _____ C:\Windows\MEMORY.DMP
2017-11-25 12:19 - 2011-03-26 16:29 - 000000000 ____D C:\Windows\Minidump
2017-11-25 11:54 - 2017-09-18 18:15 - 000003316 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2017-11-25 08:20 - 2012-05-10 18:50 - 000000000 ____D C:\Users\Zetzl\Documents\Outlook-Dateien
2017-11-24 22:28 - 2016-10-26 16:24 - 001368548 _____ C:\Windows\SysWOW64\winapp2_disk.csv
2017-11-24 17:47 - 2012-05-15 19:44 - 000000000 ____D C:\Users\Zetzl\Documents\Calibre Bibliothek
2017-11-23 21:14 - 2014-01-17 14:19 - 000000000 ____D C:\Users\Zetzl\Documents\Ann-Cathrin
2017-11-23 18:00 - 2010-03-27 16:19 - 000000000 ____D C:\Users\Zetzl
2017-11-23 11:27 - 2017-03-11 23:25 - 000000000 ____D C:\Program Files (x86)\StarMoney 11
2017-11-22 22:35 - 2016-10-21 20:44 - 000000000 ____D C:\Users\Zetzl\Documents\Scan
2017-11-22 22:34 - 2011-11-20 19:46 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-11-22 21:42 - 2016-07-26 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-22 07:46 - 2013-08-08 10:27 - 000000000 ____D C:\Windows\system32\MRT
2017-11-22 07:23 - 2017-10-11 06:29 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-22 07:22 - 2010-03-27 16:27 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-21 06:52 - 2014-08-04 17:58 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-20 21:32 - 2010-03-27 16:26 - 000545440 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-20 06:47 - 2009-07-14 06:08 - 000032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-11-17 23:47 - 2011-10-16 16:19 - 000000000 ____D C:\ProgramData\Avira
2017-11-17 22:36 - 2014-10-31 22:44 - 000000000 ____D C:\Users\Zetzl\AppData\Local\CrashDumps
2017-11-16 18:03 - 2015-06-27 11:07 - 000000000 ____D C:\Program Files (x86)\Dr. Hardware 2015
2017-11-15 23:30 - 2016-01-06 17:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-11-15 17:01 - 2017-01-11 06:49 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-11-15 17:01 - 2015-11-06 13:50 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-15 16:43 - 2014-09-03 14:42 - 005394864 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-15 16:42 - 2014-12-10 06:43 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-14 20:18 - 2016-12-19 11:19 - 000004504 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-11-14 20:18 - 2016-12-19 11:19 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 20:18 - 2012-04-07 09:23 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 20:18 - 2011-11-27 10:21 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 20:18 - 2011-05-24 10:55 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 20:18 - 2010-03-27 21:09 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-13 21:20 - 2015-05-05 12:01 - 000000000 ____D C:\Program Files (x86)\StarMoney 10
2017-11-12 15:55 - 2010-03-27 23:09 - 000000000 ____D C:\Program Files (x86)\Opera
2017-11-12 15:55 - 2010-03-27 16:19 - 000001387 _____ C:\Users\Zetzl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-11-11 14:03 - 2011-06-26 16:41 - 000000000 ____D C:\Program Files (x86)\Winload
2017-11-11 14:00 - 2014-01-11 15:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-11 13:54 - 2016-12-26 15:11 - 000000937 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-11-11 13:54 - 2016-12-26 15:11 - 000000925 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-11-09 06:53 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-11-02 20:53 - 2014-09-03 13:05 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-01 13:07 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-11-01 13:07 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-11-01 09:07 - 2014-10-27 18:42 - 000000000 ____D C:\Users\Zetzl\AppData\LocalLow\Adblock Plus for IE
2017-10-30 12:54 - 2012-11-18 14:03 - 002188288 ___SH C:\Users\Zetzl\Thumbs.db
2017-10-27 06:20 - 2010-04-04 18:25 - 001602692 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-10-28 14:23 - 2017-10-28 14:23 - 008250832 _____ (Malwarebytes) C:\Users\Zetzl\adwcleaner_7.0.3.1.exe
2017-11-16 17:51 - 2017-11-16 17:51 - 008261584 _____ (Malwarebytes) C:\Users\Zetzl\adwcleaner_7.0.4.0 (1).exe
2017-10-28 14:23 - 2017-10-28 14:23 - 008261584 _____ (Malwarebytes) C:\Users\Zetzl\adwcleaner_7.0.4.0.exe
2017-11-17 22:34 - 2017-11-17 22:34 - 003167552 _____ (Avira Operations GmbH & Co. KG) C:\Users\Zetzl\avira_registry_cleaner_de.exe
2017-08-08 22:34 - 2017-08-08 22:34 - 034304344 _____ (Digital Wave Ltd ) C:\Users\Zetzl\FreeYouTubeDownload_4.1.51.713_d.exe
2017-11-17 22:44 - 2017-11-17 22:44 - 000388608 _____ (Trend Micro Inc.) C:\Users\Zetzl\HijackThis_2.0.5.exe
2017-11-11 13:33 - 2017-11-11 13:33 - 001790024 _____ (Malwarebytes) C:\Users\Zetzl\JRT.exe
2017-11-17 22:30 - 2017-11-17 22:30 - 000367616 _____ (Avira GmbH) C:\Users\Zetzl\removaltool-win32-de18.exe
2017-11-01 13:09 - 2017-11-01 13:08 - 000966776 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Zetzl\rufus-2.17.exe
2017-10-22 12:18 - 2017-10-22 12:18 - 001640448 _____ (Hewlett-Packard) C:\Users\Zetzl\Sniper Elite 4 InstallShield Wizard v.1.2.exe
2017-11-17 22:36 - 2017-11-17 22:36 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\Zetzl\spybotsd-2.6.46.exe
2016-08-29 13:46 - 2016-08-29 13:48 - 000037226 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2014-04-19 18:19 - 2014-06-23 13:58 - 000000000 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2010-07-31 20:24 - 2002-07-26 16:02 - 000153088 _____ () C:\Program Files (x86)\UNWISE.EXE
2017-03-05 14:07 - 2017-03-12 09:57 - 000000132 _____ () C:\Users\Zetzl\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2012-12-23 10:07 - 2012-12-23 10:07 - 000000268 ___RH () C:\Users\Zetzl\AppData\Roaming\business-inkjet
2010-10-24 14:38 - 2010-10-24 14:38 - 000000122 _____ () C:\Users\Zetzl\AppData\Roaming\default.pls
2010-03-27 22:34 - 2010-03-27 22:34 - 000099384 _____ () C:\Users\Zetzl\AppData\Roaming\inst.exe
2010-03-27 22:34 - 2010-03-27 22:34 - 000007859 _____ () C:\Users\Zetzl\AppData\Roaming\pcouffin.cat
2010-03-27 22:34 - 2010-03-27 22:34 - 000001167 _____ () C:\Users\Zetzl\AppData\Roaming\pcouffin.inf
2010-03-27 22:35 - 2013-11-17 16:27 - 000000033 _____ () C:\Users\Zetzl\AppData\Roaming\pcouffin.log
2010-03-27 22:34 - 2010-03-27 22:34 - 000082816 _____ (VSO Software) C:\Users\Zetzl\AppData\Roaming\pcouffin.sys
2012-12-23 10:12 - 2012-12-23 10:13 - 000000268 ___RH () C:\Users\Zetzl\AppData\Roaming\Tremolo
2010-12-03 16:34 - 2012-12-23 10:08 - 000000268 ___RH () C:\Users\Zetzl\AppData\Roaming\Tuner
2012-12-23 10:08 - 2012-12-23 10:08 - 000000268 ___RH () C:\Users\Zetzl\AppData\Roaming\URLs
2012-12-23 10:08 - 2012-12-23 10:08 - 000000268 ___RH () C:\Users\Zetzl\AppData\Roaming\User Loops
2013-09-23 18:28 - 2014-03-21 17:27 - 000000153 _____ () C:\Users\Zetzl\AppData\Roaming\WB.CFG
2014-03-22 14:08 - 2016-07-24 16:53 - 000004919 _____ () C:\Users\Zetzl\AppData\Roaming\ZETZL-PC.MTBF.txt
2014-03-22 14:08 - 2016-07-24 21:56 - 000001078 _____ () C:\Users\Zetzl\AppData\Roaming\__AvidCloudManager.log
2014-03-22 14:08 - 2016-07-24 16:55 - 000000597 _____ () C:\Users\Zetzl\AppData\Roaming\__AvidCloudManagerPrevious.log
2016-01-24 15:43 - 2017-03-05 17:01 - 000001456 _____ () C:\Users\Zetzl\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2017-05-23 14:31 - 2017-05-23 14:31 - 000000000 ____H () C:\Users\Zetzl\AppData\Local\BIT77EE.tmp
2011-02-13 10:02 - 2011-12-22 22:26 - 000001188 _____ () C:\Users\Zetzl\AppData\Local\crc32list11.txt
2011-07-21 18:36 - 2017-07-05 15:22 - 000158208 _____ () C:\Users\Zetzl\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-27 11:19 - 2016-01-15 18:59 - 000000021 _____ () C:\Users\Zetzl\AppData\Local\mc.pixel.data
2016-08-30 09:09 - 2016-08-30 09:09 - 000000218 _____ () C:\Users\Zetzl\AppData\Local\recently-used.xbel
2012-01-22 15:20 - 2016-12-25 17:11 - 000007599 _____ () C:\Users\Zetzl\AppData\Local\Resmon.ResmonCfg
2017-09-27 16:27 - 2017-09-27 16:27 - 000000000 _____ () C:\Users\Zetzl\AppData\Local\{17B95C40-C521-4A66-9445-01DDC52F2178}
2017-05-23 14:30 - 2017-05-23 14:31 - 000000000 _____ () C:\Users\Zetzl\AppData\Local\{487BF15E-B6D6-4D22-81C2-B3AA34E59A35}
2017-08-23 17:17 - 2017-08-23 17:17 - 000000000 _____ () C:\Users\Zetzl\AppData\Local\{B533E4F0-A786-4EDB-AB18-821ADCA78486}
ZeroAccess:
C:\Users\Zetzl\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-173452848-277635055-2821355942-1001\$aa4b53294f3d271a908ad77d8efb05c2
Einige Dateien in TEMP:
====================
2017-11-21 16:20 - 2017-09-13 16:09 - 001114112 _____ (Microsoft Corporation) C:\Users\Zetzl\AppData\Local\Temp\kernel32.dll
2017-11-25 12:52 - 2017-11-25 13:08 - 026673840 _____ (Deutsche Telekom AG) C:\Users\Zetzl\AppData\Local\Temp\magentacloud4.2.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ====> ZeroAccess. Benutzen DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
LastRegBack: 2016-10-25 15:19
==================== Ende von FRST.txt ============================
25.11.2017, 15:06
Baum-Darstellung