| berndausstuh | 19.11.2014 22:58 |
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2014
Ran by Admin at 2014-11-19 07:06:15
Running from E:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1Password 4.1.0.526 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{77A7CE43-5A1E-8282-931B-E0CC4C075793}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DDBAC (HKLM-x32\...\{4C19650D-1BF8-4459-A904-06FB692B0F8E}) (Version: 5.3.24 - DataDesign)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free Video to MP3 Converter version 5.0.51.1015 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.51.1015 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2014.08.22 - www.hardcopy.de)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1212-148929CC1385}) (Version: 2.6.1212.0302 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{40320F22-7D70-49DB-9D66-B6FAE5F36B47}) (Version: 1.0.32.0 - Condusiv Technologies)
Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version: - BullPoint) <==== ATTENTION
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Project 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{8A8F117F-8EDB-440D-B679-F08909D729F7}) (Version: - Microsoft)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPRO) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}) (Version: - Microsoft)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{EE55B368-EBDF-98F3-CFE7-7CE4ADBC4553}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6844 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39036 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.6 - Samsung Electronics CO., LTD.)
roomeon 3D-Planer (HKLM-x32\...\{167661C5-5AA9-4200-869C-BE7781BF3078}) (Version: 1.6.1 - Ihr Firmenname)
S Agent (Version: 1.1.40 - Samsung Electronics CO., LTD.) Hidden
shopndrop (HKLM-x32\...\{7E7FAE3D-3358-D280-8DBF-E8E2D94326D1}) (Version: - "")
ShoppingDealFactory (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - ShoppingDealFactory) <==== ATTENTION
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.2900 - DTS, Inc.)
Support Center FAQ (x32 Version: 1.0.9 - Samsung Electronics CO., LTD.) Hidden
VA HausDesigner Professional 5.1 (HKLM-x32\...\{661EC5AC-9FE9-4DBC-90BC-DD0042DC2663}) (Version: 5.0.0100 - VA VIRTUAL ARCHITECTURE Ltda.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
14-11-2014 09:03:13 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2014-05-25 19:59 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts
80.228.79.53 remote.ficontec.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {024D0275-4CA2-46A1-A95D-FD40DC1DFEB6} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()
Task: {0D35CC77-4A6D-44EC-A560-71CF9CA76CF3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {123FCD25-F531-4E6E-9609-1E1C6E5A1FD1} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {20E0F921-490F-4001-B30A-948CA93ACE45} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {60A2189C-F7F2-417D-A8B1-3B55A4840921} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-03-12] (SEC)
Task: {632C83E2-AD26-46C1-8F91-DB97E0AC8619} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {ACEDE1E9-A4ED-4318-982B-B124D36493D8} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {AF49BCA4-5967-4B68-9A14-CF716E2947FA} - \ASP No Task File <==== ATTENTION
Task: {BB159C6E-A403-4331-B404-B0C80282EC6D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C76CDA18-7CD0-4DD9-A66D-7338706828D1} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-02-26] (Samsung Electronics CO., LTD.)
Task: {CB7D9352-89FE-457A-B0F4-AB11C9CC0EBE} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-09-07 11:14 - 2012-11-08 07:38 - 00044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2014-09-07 11:14 - 2013-07-17 16:03 - 00037880 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-01-25 01:22 - 2014-01-25 01:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-26 08:56 - 2013-02-26 08:56 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-09-07 11:14 - 2012-07-05 14:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-04-15 21:48 - 2013-01-14 19:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ccsvc_1.10.0.2 => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: CouponArificService64 => 2
MSCONFIG\Services: MaintainerSvc2.48.1114611 => 2
MSCONFIG\Services: servervo => 2
MSCONFIG\Services: Update Klip Pal => 2
MSCONFIG\Services: Util Klip Pal => 2
========================= Accounts: ==========================
Admin (S-1-5-21-3589802351-439905089-1110981561-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3589802351-439905089-1110981561-500 - Administrator - Disabled)
Gast (S-1-5-21-3589802351-439905089-1110981561-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3589802351-439905089-1110981561-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/18/2014 05:59:07 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (11/18/2014 05:51:04 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (11/18/2014 00:56:03 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook experienced a serious problem with the 'send to bluetooth' add-in. If you have seen this message multiple times, you should disable this add-in and check to see if an update is available. Do you want to disable this add-in?.
Rejected Safe Mode action : Microsoft Outlook.
Error: (11/18/2014 00:55:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.6025.1000, Zeitstempel: 0x4d949895
Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 14.0.6025.1000, Zeitstempel: 0x4d949895
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c2b7
ID des fehlerhaften Prozesses: 0x60c
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3
Vollständiger Name des fehlerhaften Pakets: OUTLOOK.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: OUTLOOK.EXE5
Error: (11/18/2014 00:55:46 PM) (Source: Outlook) (EventID: 1000) (User: )
Description: Add-in execution error. Outlook crashed during the 'Deactivate' callback of the 'ExplorerEvents' interface while calling into the 'Send to Bluetooth' add-in.
Error: (11/17/2014 08:56:42 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Error: (11/17/2014 07:15:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.1.0.5423, Zeitstempel: 0x545c0a59
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.1.0.5423, Zeitstempel: 0x545be5ee
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1e74
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (11/17/2014 06:57:22 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : (1056, 'StartService', 'Es wird bereits eine Instanz des Dienstes ausgef\xfchrt.')
Error: (11/17/2014 06:55:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (11/16/2014 08:52:45 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
System errors:
=============
Error: (11/19/2014 05:58:01 AM) (Source: DCOM) (EventID: 10010) (User: BG-Samsung)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (11/19/2014 05:57:31 AM) (Source: DCOM) (EventID: 10010) (User: BG-Samsung)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (11/18/2014 08:50:20 PM) (Source: DCOM) (EventID: 10010) (User: BG-Samsung)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (11/18/2014 08:08:00 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.178.40 mit dem Computer mit der
Netzwerkhardwareadresse 08-96-D7-20-78-13 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Error: (11/18/2014 06:12:10 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x100000003441d. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".
Error: (11/18/2014 06:11:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.189.119.0)
Error: (11/18/2014 05:59:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Interenet Optimizer erreicht.
Error: (11/18/2014 05:58:29 PM) (Source: DCOM) (EventID: 10010) (User: BG-Samsung)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (11/18/2014 05:58:29 PM) (Source: DCOM) (EventID: 10005) (User: BG-Samsung)
Description: 1084WSearchNicht verfügbar{9E175B68-F52A-11D8-B9A5-505054503030}
Error: (11/18/2014 05:58:24 PM) (Source: DCOM) (EventID: 10005) (User: BG-Samsung)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}
Microsoft Office Sessions:
=========================
Error: (11/18/2014 05:59:07 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description:
Error: (11/18/2014 05:51:04 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description:
Error: (11/18/2014 00:56:03 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft OutlookOutlook experienced a serious problem with the 'send to bluetooth' add-in. If you have seen this message multiple times, you should disable this add-in and check to see if an update is available. Do you want to disable this add-in?
Error: (11/18/2014 00:55:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE14.0.6025.10004d949895OUTLOOK.EXE14.0.6025.10004d949895c00000050001c2b760c01d0032664c20dc0C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEd4fd31c6-6f19-11e4-be98-c4d987097143
Error: (11/18/2014 00:55:46 PM) (Source: Outlook) (EventID: 1000) (User: )
Description: DeactivateExplorerEventsSend to Bluetooth
Error: (11/17/2014 08:56:42 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description:
Error: (11/17/2014 07:15:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.1.0.5423545c0a59mozalloc.dll33.1.0.5423545be5ee80000003000014251e7401d0028fe5ef1a6fC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb0567999-6e85-11e4-be97-c4d987097143
Error: (11/17/2014 06:57:22 PM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : (1056, 'StartService', 'Es wird bereits eine Instanz des Dienstes ausgef\xfchrt.')
Error: (11/17/2014 06:55:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (11/16/2014 08:52:45 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description:
CodeIntegrity Errors:
===================================
Date: 2014-11-17 19:41:54.970
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-16 17:43:18.740
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-11-14 10:06:15.320
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-16 20:03:58.416
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-10-10 20:02:30.558
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-06 10:57:49.008
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-09-01 13:41:39.776
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-23 13:31:28.386
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-08-07 18:09:38.925
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-07-28 00:08:49.141
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3635QM CPU @ 2.40GHz
Percentage of memory in use: 33%
Total physical RAM: 8078.86 MB
Available physical RAM: 5347.95 MB
Total Pagefile: 9358.86 MB
Available Pagefile: 6207.43 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:904.58 GB) (Free:507.59 GB) NTFS
Drive d: () (Fixed) (Total:1 GB) (Free:0.65 GB) NTFS
Drive e: (INTENSO) (Removable) (Total:7.46 GB) (Free:7.45 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5900EE1B)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2014
Ran by Admin (administrator) on BG-SAMSUNG on 19-11-2014 07:05:34
Running from E:\
Loaded Profile: Admin (Available profiles: Admin)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13286472 2013-02-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1277000 2013-02-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1277000 2013-02-18] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [3705104 2014-10-20] (AgileBits)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718720 2010-12-20] (Microsoft Corporation)
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\MountPoints2: {0c69a2ec-680a-11e4-be91-c4d987097143} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\MountPoints2: {0c69a2f3-680a-11e4-be91-c4d987097143} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-3589802351-439905089-1110981561-1001\...\MountPoints2: {0c69a31e-680a-11e4-be91-c4d987097143} - "E:\LaunchU3.exe" -a
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {22BDCCEF-A277-4059-B344-52E345595845} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 -> {22BDCCEF-A277-4059-B344-52E345595845} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-3589802351-439905089-1110981561-1001 -> {22BDCCEF-A277-4059-B344-52E345595845} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {271A3CF5-5A54-447B-A08F-BE805F0DA60B} https://finanzcenter.sparkasse-bremen.de/_plugin/AXFOAM.cab
Hosts: 80.228.79.53 remote.ficontec.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\user.js
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\searchplugins\google-maps.xml
FF Extension: Avira Browser Safety - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\Extensions\abs@avira.com [2014-11-18]
FF Extension: PriceDownloader - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\Extensions\ioaagTt@K.edu [2014-11-16]
FF Extension: savingtoyou - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\Extensions\Ubk@3I.org [2014-11-17]
FF Extension: DDBAC Plug-In - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\Extensions\{271A3CF5-5A54-447B-A08F-BE805F0DA60A} [2014-08-19]
FF Extension: Cliqz Beta - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\Extensions\cliqz@cliqz.com.xpi [2014-10-10]
FF Extension: 1Password - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\Extensions\onepassword4@agilebits.com.xpi [2014-11-14]
FF Extension: Klip Pal - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\07b7uc8s.default\Extensions\{e920b931-4015-4acf-9561-0197bd6bfe7e}.xpi [2014-11-16]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55720 2012-12-21] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 vmms; C:\Windows\system32\vmms.exe [13401600 2014-09-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S2 0c632643; "C:\WINDOWS\system32\rundll32.exe" "c:\progra~3\intere~1\InterenetOptimizerSvc.dll",service
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-12-13] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
S3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [20336 2013-02-17] (ELAN Microelectronic Corp.)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2014-05-07] (Microsoft Corporation)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [29096 2012-12-21] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104872 2012-12-21] (Condusiv Technologies)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2014-05-08] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-09-29] (NetFilterSDK.com)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2014-05-08] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2014-05-08] (Microsoft Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73984 2014-06-16] (Identive)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-05-08] (Microsoft Corporation)
R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [690688 2014-08-26] (Microsoft Corporation)
S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [690688 2014-08-26] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [690688 2014-08-26] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [690688 2014-08-26] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 webinstrT; C:\WINDOWS\system32\Drivers\webinstrT.sys [63696 2014-11-16] (Corsica)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-19 07:05 - 2014-11-19 07:05 - 00000000 ____D () C:\FRST
2014-11-18 23:11 - 2014-11-18 23:11 - 00000000 ___SH () C:\DkHyperbootSync
2014-11-18 18:06 - 2014-11-18 18:05 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-11-18 18:05 - 2014-11-18 18:05 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Avira
2014-11-18 18:03 - 2014-10-23 14:02 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-11-18 18:03 - 2014-10-23 14:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-11-18 18:03 - 2014-10-23 14:01 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-11-18 18:01 - 2014-11-18 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-18 18:01 - 2014-11-18 18:03 - 00000000 ____D () C:\ProgramData\Avira
2014-11-18 18:01 - 2014-11-18 18:03 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-18 17:57 - 2014-11-18 17:57 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Admin\Downloads\avira_de_av_5651171143__ws.exe
2014-11-17 19:51 - 2014-11-17 20:28 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-17 19:50 - 2014-11-17 19:50 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-17 19:50 - 2014-11-17 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-17 19:50 - 2014-11-17 19:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-17 19:50 - 2014-11-17 19:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-17 19:50 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-17 19:50 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-17 19:50 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-17 19:49 - 2014-11-17 19:50 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-17 19:15 - 2014-11-17 19:15 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory
2014-11-16 18:50 - 2014-11-16 18:50 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-11-16 15:17 - 2014-11-19 06:38 - 00000000 ____D () C:\ProgramData\86998342-aefb-4bdb-96ce-74be1e808b51
2014-11-16 15:14 - 2014-11-16 15:14 - 00000000 ____D () C:\Program Files (x86)\predm
2014-11-16 15:10 - 2014-11-16 15:30 - 00000378 _____ () C:\WINDOWS\Tasks\APSnotifierPP1.job
2014-11-16 15:10 - 2014-11-16 15:19 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP3.job
2014-11-16 15:10 - 2014-11-16 15:19 - 00000376 _____ () C:\WINDOWS\Tasks\APSnotifierPP2.job
2014-11-16 15:10 - 2014-11-16 15:10 - 00002808 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP1
2014-11-16 15:10 - 2014-11-16 15:10 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP3
2014-11-16 15:10 - 2014-11-16 15:10 - 00002806 _____ () C:\WINDOWS\System32\Tasks\APSnotifierPP2
2014-11-16 15:09 - 2014-11-16 15:09 - 00613012 _____ (CMI Limited) C:\Users\Admin\AppData\Local\nsh4691.tmp
2014-11-16 15:09 - 2014-11-16 15:09 - 00000000 __SHD () C:\Users\Admin\AppData\Roaming\AnyProtectEx
2014-11-16 15:08 - 2014-11-16 15:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TeamViewer
2014-11-16 15:07 - 2014-11-16 15:07 - 04972848 _____ (TeamViewer) C:\Users\Admin\Downloads\TeamViewerQS_de.exe
2014-11-16 14:59 - 2014-11-16 14:59 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList
2014-11-16 14:50 - 2014-11-16 15:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Systweak
2014-11-16 14:50 - 2014-10-06 16:36 - 00020296 _____ () C:\WINDOWS\system32\roboot64.exe
2014-11-16 14:48 - 2014-10-30 01:55 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-16 14:48 - 2014-10-30 01:55 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-16 14:33 - 2014-11-16 14:48 - 00002004 _____ () C:\WINDOWS\patsearch.bin
2014-11-16 14:33 - 2014-11-16 14:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_webinstrT_01009.Wdf
2014-11-16 14:33 - 2014-11-16 14:32 - 00063696 _____ (Corsica) C:\WINDOWS\system32\Drivers\webinstrT.sys
2014-11-16 14:31 - 2014-11-16 14:31 - 00000005 _____ () C:\end
2014-11-16 13:55 - 2014-11-19 06:38 - 00000000 ____D () C:\ProgramData\shopndrop
2014-11-16 13:55 - 2014-11-17 19:15 - 00000000 ____D () C:\ProgramData\acc391c751492e05
2014-11-15 09:38 - 2014-11-15 09:38 - 00043660 _____ () C:\Users\Admin\Downloads\20141115-1130138959-umsatz.csv
2014-11-14 16:09 - 2014-11-17 19:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AgileBits
2014-11-14 16:06 - 2014-11-14 16:19 - 00000000 ____D () C:\Users\Admin\Documents\1Password
2014-11-14 16:06 - 2014-11-14 16:06 - 00001045 _____ () C:\Users\Public\Desktop\1Password 4.lnk
2014-11-14 16:06 - 2014-11-14 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Password
2014-11-14 16:06 - 2014-04-22 12:30 - 02081792 _____ (Chilkat Software, Inc.) C:\WINDOWS\SysWOW64\ChilkatSocket.dll
2014-11-14 16:06 - 2014-04-22 12:30 - 01972736 _____ (Chilkat Software, Inc.) C:\WINDOWS\SysWOW64\ChilkatCrypt2.dll
2014-11-14 16:06 - 2014-04-22 12:30 - 01795072 _____ (Chilkat Software, Inc.) C:\WINDOWS\SysWOW64\ChilkatCert.dll
2014-11-14 16:06 - 2014-04-22 12:30 - 01682432 _____ (Chilkat Software, Inc.) C:\WINDOWS\SysWOW64\ChilkatZip2.dll
2014-11-14 16:05 - 2014-11-14 16:06 - 00000000 ____D () C:\Program Files (x86)\1Password 4
2014-11-14 16:05 - 2014-11-14 16:05 - 09963616 _____ (AgileBits ) C:\Users\Admin\Downloads\1Password-4.1.0.526.exe
2014-11-14 11:21 - 2014-11-14 11:21 - 00000000 ____D () C:\Users\Admin\Documents\Neuer Ordner
2014-11-14 11:16 - 2014-11-14 11:16 - 00001434 _____ () C:\Users\Admin\Desktop\hardcopy - Verknüpfung.lnk
2014-11-14 10:02 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-14 10:02 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-14 10:02 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-14 10:02 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-14 10:02 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-14 10:01 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-14 10:01 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-14 10:01 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-14 10:01 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-14 10:01 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-14 10:01 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-14 10:01 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-14 10:01 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-14 10:01 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-14 10:01 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-14 10:01 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-14 10:01 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-14 10:01 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-14 10:00 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-14 10:00 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-14 10:00 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-14 10:00 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-14 10:00 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-14 10:00 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-14 10:00 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-14 10:00 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-14 10:00 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-14 10:00 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-14 10:00 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-14 10:00 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-14 10:00 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-14 10:00 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-14 10:00 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-14 10:00 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-14 10:00 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-14 10:00 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-14 10:00 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-14 10:00 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-14 10:00 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-14 10:00 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-14 10:00 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-14 10:00 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-14 10:00 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-14 10:00 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-14 09:59 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-14 09:59 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-14 09:59 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-14 09:59 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-14 09:59 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-14 09:59 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-14 09:59 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-14 09:59 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-14 09:59 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-14 09:58 - 2014-11-05 00:38 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-11-14 09:58 - 2014-11-04 01:10 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-11-14 09:58 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-14 09:58 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-14 09:58 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-14 09:58 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-14 09:58 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-14 09:58 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-14 09:58 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-14 09:58 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-14 09:58 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-14 09:58 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-14 09:58 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-14 09:58 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-14 09:58 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-14 09:58 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-14 09:58 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-14 09:58 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-14 09:58 - 2014-10-31 05:53 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-11-14 09:58 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-14 09:58 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-14 09:58 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-14 09:58 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-14 09:58 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-14 09:58 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-14 09:58 - 2014-10-31 05:49 - 00537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-11-14 09:58 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-14 09:58 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-14 09:58 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-14 09:58 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-14 09:58 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-14 09:58 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-14 09:58 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-14 09:58 - 2014-10-31 05:24 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-11-14 09:58 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-14 09:58 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-14 09:58 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-14 09:58 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-14 09:58 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-14 09:58 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-14 09:58 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-14 09:58 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-14 09:58 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-14 09:58 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-14 09:58 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-14 09:58 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-14 09:58 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-14 09:58 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-14 09:58 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-14 09:58 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-14 09:58 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-14 09:58 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-14 09:58 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-14 09:58 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-14 09:58 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-14 09:58 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-14 09:58 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-14 09:58 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-14 09:58 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-14 09:58 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-14 09:58 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-14 09:58 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-14 09:58 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-14 09:58 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-14 09:58 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-14 09:58 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-14 09:58 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-14 09:58 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-14 09:58 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-14 09:58 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-14 09:58 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-14 09:58 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-14 09:58 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-14 09:58 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-14 09:58 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-14 09:58 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-14 09:58 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-14 09:58 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-14 09:58 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-14 09:58 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-14 09:58 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-14 09:58 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-14 09:58 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-14 09:58 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-14 09:58 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-14 09:58 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-14 09:58 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-14 09:58 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-14 09:58 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-14 09:58 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-14 09:58 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-14 09:58 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-14 09:58 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-14 09:58 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-14 09:58 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-14 09:58 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-14 09:58 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-14 09:58 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-14 09:58 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-14 09:58 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-14 09:58 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-14 09:58 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-14 09:58 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-14 09:58 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-14 09:58 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-14 09:58 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-14 09:58 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-14 09:58 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-14 09:58 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-14 09:58 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-14 09:58 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-14 09:57 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-14 09:57 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-14 09:57 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-14 09:57 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-14 09:57 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-14 09:57 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-14 09:57 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-14 09:57 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-14 09:57 - 2014-09-04 02:58 - 06170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2014-11-14 09:57 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-14 09:57 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-14 09:57 - 2014-09-04 01:19 - 13401600 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmms.exe
2014-11-14 09:57 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-14 09:57 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-14 09:57 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-14 09:57 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-14 09:57 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-14 09:57 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-14 09:57 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-14 09:57 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-14 09:57 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-14 09:57 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-14 09:57 - 2014-08-26 03:22 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wnv.sys
2014-11-14 09:57 - 2014-08-26 03:22 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2014-11-14 09:57 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-14 09:57 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-14 09:57 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-14 09:57 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-14 09:57 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-10 21:46 - 2014-11-16 14:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 18:21 - 2014-11-09 18:21 - 00067072 _____ () C:\Users\Admin\Documents\Musik_Strategie.vsd
2014-11-09 16:53 - 2014-11-09 16:57 - 00000000 ____D () C:\Users\Admin\Documents\_USB_fic_sortieren
2014-11-09 16:50 - 2014-11-09 16:50 - 00000000 ____D () C:\Users\Admin\Documents\ficonTEC_Steuerprüfer
2014-11-09 16:47 - 2014-11-09 16:49 - 00000000 ____D () C:\Users\Admin\Documents\_USB_16GB_Band
2014-11-09 16:45 - 2014-11-09 16:46 - 00000000 ____D () C:\Users\Admin\Documents\_USB_Feinmetall
2014-11-09 15:35 - 2014-11-09 15:35 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-11-08 20:01 - 2014-11-08 20:06 - 00000000 ____D () C:\Program Files (x86)\MP3Gain
2014-11-08 20:01 - 2014-11-08 20:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-11-08 20:01 - 2014-11-08 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
2014-11-08 19:59 - 2014-11-08 19:59 - 01125200 _____ () C:\Users\Admin\Downloads\MP3Gain - CHIP-Installer.exe
2014-11-05 19:57 - 2014-11-05 20:02 - 00000000 ____D () C:\Users\Admin\Documents\Datensicherung_BG_2014
2014-11-05 19:50 - 2014-11-16 14:36 - 00000000 ____D () C:\Users\Admin\Documents\Freizeit
2014-11-05 19:34 - 2014-11-06 07:27 - 00000000 ____D () C:\Users\Admin\Documents\Bernd
2014-11-05 19:34 - 2014-11-05 19:35 - 00000000 ____D () C:\Users\Admin\Documents\Bernie
2014-11-05 19:33 - 2014-11-09 16:44 - 00000000 ____D () C:\Users\Admin\Documents\_aktuell
2014-10-26 18:05 - 2014-10-26 18:05 - 00000000 ____D () C:\Users\Admin\Documents\Optimizer Pro
2014-10-26 18:00 - 2014-10-26 18:00 - 00001524 _____ () C:\Users\Public\Desktop\Free Video to MP3 Converter.lnk
2014-10-26 18:00 - 2014-10-26 18:00 - 00001255 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-10-26 18:00 - 2014-10-26 18:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\RHEng
2014-10-26 18:00 - 2014-10-26 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-26 18:00 - 2014-10-26 18:00 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-26 17:58 - 2014-10-26 18:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DVDVideoSoft
2014-10-26 17:58 - 2014-10-26 17:58 - 30589776 _____ (DVDVideoSoft Ltd. ) C:\Users\Admin\Downloads\FreeVideoToMP3Converter5.0.51.1015.exe
2014-10-26 16:20 - 2014-10-26 16:20 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-26 16:20 - 2014-10-26 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-26 16:20 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-10-26 16:19 - 2014-10-26 16:20 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-26 16:19 - 2014-10-26 16:20 - 00000000 ____D () C:\Program Files\iTunes
2014-10-26 16:19 - 2014-10-26 16:20 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-26 16:19 - 2014-10-26 16:19 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-26 16:19 - 2014-10-26 16:19 - 00000000 ____D () C:\Program Files\iPod
2014-10-26 16:11 - 2014-10-26 16:13 - 122418480 _____ (Apple Inc.) C:\Users\Admin\Downloads\iTunes64Setup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-19 07:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-19 06:59 - 2014-05-09 19:12 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AD900652-16EC-410A-B539-9F45DC5F7829}
2014-11-19 06:52 - 2014-04-27 11:13 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3589802351-439905089-1110981561-1001
2014-11-19 06:48 - 2014-05-24 09:44 - 00000000 ____D () C:\Users\Admin\Documents\Outlook Files
2014-11-18 20:59 - 2014-05-07 19:43 - 01186767 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-18 18:19 - 2014-05-09 07:21 - 27590656 _____ () C:\WINDOWS\system32\vmguest.iso
2014-11-18 18:10 - 2013-04-15 22:37 - 00000000 ____D () C:\ProgramData\WinClon
2014-11-18 18:00 - 2013-04-15 21:49 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-18 17:59 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-18 17:50 - 2014-03-18 02:49 - 00169048 _____ () C:\WINDOWS\PFRO.log
2014-11-17 20:56 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-11-17 20:26 - 2014-10-18 09:00 - 00000000 ____D () C:\Users\Admin\AppData\Local\iLivid
2014-11-16 18:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-16 16:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2014-11-16 15:21 - 2013-08-22 14:25 - 00000269 _____ () C:\WINDOWS\win.ini
2014-11-16 15:19 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-16 14:45 - 2013-08-22 15:44 - 00511376 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-16 14:44 - 2014-05-15 19:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-16 14:41 - 2014-07-25 09:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-11-16 14:41 - 2014-04-27 12:07 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-16 14:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-16 14:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-16 14:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-16 14:41 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-16 14:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-16 14:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-16 14:39 - 2014-04-27 12:07 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-16 14:33 - 2013-08-22 15:46 - 00317230 _____ () C:\WINDOWS\setupact.log
2014-11-16 14:30 - 2014-05-15 19:32 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-16 14:30 - 2014-05-15 19:32 - 00001379 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-16 14:30 - 2014-05-07 19:49 - 00001682 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-16 14:30 - 2014-05-06 13:45 - 00001759 _____ () C:\Users\Admin\Desktop\Internet Explorer.lnk
2014-11-16 14:07 - 2012-07-11 12:17 - 00000000 ____D () C:\Users\Admin\Documents\Graetie
2014-11-15 21:27 - 2014-03-18 11:03 - 01776922 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-15 21:27 - 2014-03-18 10:24 - 00765762 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-15 21:27 - 2014-03-18 10:24 - 00159546 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-15 09:38 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-14 11:21 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\EDV
2014-11-14 10:16 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-09 16:52 - 2014-06-29 19:07 - 00000000 ____D () C:\Users\Admin\Documents\_Brunzel_Software
2014-11-09 15:35 - 2014-10-10 15:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Apple Computer
2014-11-09 13:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-11-09 13:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-11-09 13:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-11-09 13:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-11-09 11:57 - 2012-07-11 12:17 - 00000000 ____D () C:\Users\Admin\Documents\Kalender
2014-11-05 19:52 - 2012-07-11 13:00 - 00000000 ____D () C:\Users\Admin\Documents\Rezepte
2014-11-05 19:52 - 2012-07-11 12:18 - 00000000 ____D () C:\Users\Admin\Documents\restore
2014-11-05 19:52 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\Schach
2014-11-05 19:51 - 2012-07-11 12:17 - 00000000 ____D () C:\Users\Admin\Documents\Mindmaps
2014-11-05 19:51 - 2012-07-11 12:17 - 00000000 ____D () C:\Users\Admin\Documents\iPhone
2014-11-05 19:51 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\SMC
2014-11-05 19:50 - 2012-07-11 12:17 - 00000000 ____D () C:\Users\Admin\Documents\Gerda
2014-11-05 19:50 - 2012-07-11 12:07 - 00000000 ____D () C:\Users\Admin\Documents\Geld
2014-11-05 19:49 - 2012-07-11 12:05 - 00000000 ____D () C:\Users\Admin\Documents\Englisch
2014-11-05 19:49 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\Eigener Blödsinn
2014-11-05 19:48 - 2012-07-11 12:07 - 00000000 ____D () C:\Users\Admin\Documents\Ernährung
2014-11-05 19:47 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\Eigene Datenquellen
2014-11-05 19:46 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\ebay
2014-11-05 19:46 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\DVDVideoSoft
2014-11-05 19:46 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\CyberLink
2014-11-05 19:45 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\Zeugnisse
2014-11-05 19:45 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\work-life-ballance
2014-11-05 19:45 - 2011-09-11 13:50 - 00000000 ____D () C:\Users\Admin\Documents\Briefe und Karten
2014-11-05 19:44 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\von Susi
2014-11-05 19:44 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\Visitenkarten
2014-11-05 19:44 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\Sport
2014-11-05 19:44 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\Schwerbehinderung
2014-11-05 19:44 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\Rentenversicherung
2014-11-05 19:43 - 2012-07-11 12:00 - 00000000 ____D () C:\Users\Admin\Documents\Partnerschaft
2014-11-05 19:38 - 2012-07-11 11:56 - 00000000 ____D () C:\Users\Admin\Documents\Geb2010
2014-11-05 19:38 - 2012-07-11 11:56 - 00000000 ____D () C:\Users\Admin\Documents\Dokumente wichtig
2014-11-05 19:38 - 2012-07-11 11:56 - 00000000 ____D () C:\Users\Admin\Documents\DB Bahn Personenverkehr GmbH
2014-11-05 19:35 - 2011-09-11 13:50 - 00000000 ____D () C:\Users\Admin\Documents\CD-Labels Canon
2014-11-05 19:32 - 2011-09-11 13:50 - 00000000 ____D () C:\Users\Admin\Documents\Kaufen+Verkaufen
2014-10-30 12:25 - 2014-05-06 12:36 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-26 16:20 - 2014-10-10 17:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple Computer
2014-10-26 16:19 - 2014-10-10 15:49 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-26 16:18 - 2014-10-10 15:49 - 00000000 ____D () C:\ProgramData\Apple
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\056C1C09-914F-AB97-BC2C-D4BFC2447108.dll
C:\Users\Admin\AppData\Local\Temp\2222-5722_Safer-Surf.exe
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\CloudBackup3538.exe
C:\Users\Admin\AppData\Local\Temp\optprosetup.exe
C:\Users\Admin\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-18 20:49
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
so sollte es richtig sein, oder? |
FRST 32-Bit | FRST 64-Bit
So funktioniert es:
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
