Hi,
Sorry, I didn't have a single minute to spare until Christmas.
I still have to delete the help files, but they shouldn't change anything about the infection status.
Windows Repair has finished, Defender is working again and is up to date, and now wants to run a scan.
Should I also post log files from the repair?
There is quite a bit new in the FRST log, because I have saved a number of new files since everything started working again, but you are probably looking at other parameters anyway.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-12-2015
durchgeführt von DJ Dolphin (Administrator) auf WAVEMASTER (28-12-2015 22:05:22)
Gestartet von C:\Users\DJ Dolphin\Desktop
Geladene Profile: DJ Dolphin (Verfügbare Profile: DJ Dolphin & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer3\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505768 2010-05-25] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1504608 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705432 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-09] (Nero AG)
HKLM-x32\...\Run: [TOSDCR] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe [169296 2007-08-28] ()
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ITSecMng] => %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252728 2010-04-01] (TOSHIBA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-30] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2290779612-799622330-4084932457-1000\...\Run: [ICQ] => C:\Program Files (x86)\ICQ7.6\ICQ.exe [127040 2011-10-10] (ICQ, LLC.)
HKU\S-1-5-21-2290779612-799622330-4084932457-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-11-16] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-06-08]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2010-06-08]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{008C72E9-AED1-42EC-AC7B-44109F03D9B3}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{01A8C316-0DD0-450A-8546-EC410E51E72E}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{D90834D8-2216-4093-B695-FD8551D08914}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FF0CBC07-64D7-4841-B6C9-E10BAB31C86D}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2290779612-799622330-4084932457-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
HKU\S-1-5-21-2290779612-799622330-4084932457-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2290779612-799622330-4084932457-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba.msn.com/
SearchScopes: HKLM -> DefaultScope {E39C11DC-F612-45BF-9503-C474AB02C80B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E39C11DC-F612-45BF-9503-C474AB02C80B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {F22327E2-9ADE-4944-8D9C-47781C53DF16} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {8983339A-BF46-4E86-8035-2B5E03A29E7C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2290779612-799622330-4084932457-1000 -> {8983339A-BF46-4E86-8035-2B5E03A29E7C} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-08-30] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-08-30] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll [2014-08-30] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-08-30] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-05] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-08-30] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-05] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll [2014-08-30] (Kaspersky Lab ZAO)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19] (<TOSHIBA>)
DPF: HKLM-x32 {000F1EA4-5E08-4564-A29B-29076F63A37A} hxxp://launch.soe.com/plugin/web/SOEWebInstaller.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-02-12] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-02-12] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-02-12] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-02-12] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-02-12] (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-02-12] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [2001-02-12] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2010-02-22] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\DJ Dolphin\AppData\Roaming\Mozilla\Firefox\Profiles\dww49mks.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-06-20] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-05] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-17] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-17] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-17] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @soe.sony.com/installer,version=1.0.3 -> C:\Windows\Downloaded Program Files\npsoe.dll [2011-06-09] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-09-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-09-02] (Apple Inc.)
FF Extension: Kein Name - C:\Users\DJ Dolphin\AppData\Roaming\Mozilla\Firefox\Profiles\dww49mks.default\extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee} [nicht gefunden]
FF Extension: Greasemonkey - C:\Users\DJ Dolphin\AppData\Roaming\Mozilla\Firefox\Profiles\dww49mks.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-10-11]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-17] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-17] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-17] [ist nicht signiert]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-30] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer3\TeamViewer_Service.exe [181544 2008-09-25] (TeamViewer GmbH)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4378024 2015-11-23] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48552 2015-11-23] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [42408 2015-11-23] (AVG Technologies CZ, s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255408 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-20] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-08-18] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [820232 2014-08-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [74424 2014-08-13] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [14604 2003-08-11] (Padus, Inc.) [Datei ist nicht signiert]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-10-14] (TuneUp Software)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [51496 2013-04-04] (Yamaha Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-28 19:54 - 2015-12-28 19:54 - 00000000 ____D C:\Users\DJ Dolphin\Desktop\tweaking.com_windows_repair_aio
2015-12-28 19:52 - 2015-12-28 19:54 - 18901936 _____ C:\Users\DJ Dolphin\Desktop\tweaking.com_windows_repair_aio.zip
2015-12-22 04:05 - 2015-12-22 04:05 - 00302592 _____ C:\Users\DJ Dolphin\Desktop\ebayUmsätze 15-12.xls
2015-12-22 04:01 - 2015-12-22 04:01 - 00078077 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-12-2.csv
2015-12-22 03:59 - 2015-12-28 06:22 - 00130560 _____ C:\Users\DJ Dolphin\Desktop\MonthlySummary15-12 (UV).xls
2015-12-22 03:59 - 2015-12-22 03:59 - 00184015 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-12-1.csv
2015-12-18 05:49 - 2015-12-18 05:38 - 00086076 _____ C:\Users\DJ Dolphin\Desktop\Finanzreport_Nr._06_per_02.07.2015184485.pdf
2015-12-18 05:48 - 2015-12-18 05:37 - 00081943 _____ C:\Users\DJ Dolphin\Desktop\Finanzreport_Nr._05_per_02.06.2015465487.pdf
2015-12-18 05:48 - 2015-12-18 05:36 - 00075892 _____ C:\Users\DJ Dolphin\Desktop\Finanzreport_Nr.04_vom_05.05.2015975474.pdf
2015-12-18 05:48 - 2015-12-18 05:35 - 00081055 _____ C:\Users\DJ Dolphin\Desktop\Finanzreport_Nr.03_vom_01.04.2015625785.pdf
2015-12-18 05:48 - 2015-12-18 05:34 - 00073743 _____ C:\Users\DJ Dolphin\Desktop\Finanzreport_Nr.02_vom_03.03.2015260023.pdf
2015-12-18 05:48 - 2015-12-18 05:33 - 00075332 _____ C:\Users\DJ Dolphin\Desktop\Finanzreport_Nr.01_vom_03.02.2015568269.pdf
2015-12-18 03:41 - 2015-12-28 06:23 - 00135680 _____ C:\Users\DJ Dolphin\Desktop\Einkommenssteuererklärungstabelle 2015.xls
2015-12-16 08:37 - 2015-12-16 08:37 - 00048080 _____ C:\Users\DJ Dolphin\Desktop\Games Island 02_11_2015-1.pdf
2015-12-16 08:36 - 2015-12-16 08:36 - 00048308 _____ C:\Users\DJ Dolphin\Desktop\Games Island 02_11_2015-2.pdf
2015-12-16 08:28 - 2015-12-16 08:30 - 00007646 _____ C:\Users\DJ Dolphin\Desktop\tcgdiscount 03_10_2015.pdf
2015-12-16 05:58 - 2015-12-16 05:58 - 00001776 _____ C:\Users\DJ Dolphin\Desktop\Kako 21_10_2015.pdf
2015-12-12 07:29 - 2015-12-12 07:29 - 00151825 _____ C:\Users\DJ Dolphin\Desktop\Games Island 09_12_2015-2.pdf
2015-12-12 07:26 - 2015-12-12 07:26 - 00151084 _____ C:\Users\DJ Dolphin\Desktop\Games Island 09_12_2015-1.pdf
2015-12-12 07:26 - 2015-12-12 07:25 - 00149837 _____ C:\Users\DJ Dolphin\Desktop\Games Island 09_12_2015-3.pdf
2015-12-12 06:07 - 2015-12-12 06:07 - 00001765 _____ C:\Users\DJ Dolphin\Desktop\Rechnung 15-014.pdf
2015-12-09 17:42 - 2015-11-20 20:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 17:42 - 2015-11-20 20:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 17:42 - 2015-11-20 20:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 17:42 - 2015-11-20 20:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 17:42 - 2015-11-20 20:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 17:42 - 2015-11-20 20:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 17:42 - 2015-11-20 20:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 17:42 - 2015-11-20 20:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 17:42 - 2015-11-20 20:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 17:42 - 2015-11-20 20:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 17:42 - 2015-11-20 20:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 17:42 - 2015-11-20 20:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 17:42 - 2015-11-20 20:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 17:42 - 2015-11-20 20:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 17:42 - 2015-11-20 20:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 17:42 - 2015-11-20 20:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 17:42 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 17:42 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 17:42 - 2015-11-10 20:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 17:42 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 17:42 - 2015-11-10 19:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 17:42 - 2015-11-03 21:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 17:42 - 2015-11-03 20:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 17:41 - 2015-11-11 23:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 17:41 - 2015-11-11 22:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 17:41 - 2015-11-11 20:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 17:41 - 2015-11-11 20:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 17:41 - 2015-11-11 20:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 17:41 - 2015-11-11 20:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 17:41 - 2015-11-11 18:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 17:41 - 2015-11-11 18:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 17:41 - 2015-11-11 17:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 17:41 - 2015-11-11 17:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 17:41 - 2015-11-11 17:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 17:41 - 2015-11-11 17:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 17:41 - 2015-11-11 16:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 17:41 - 2015-11-10 20:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 17:41 - 2015-11-10 02:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 17:41 - 2015-11-10 02:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 17:41 - 2015-11-10 02:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 17:41 - 2015-11-10 02:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 17:41 - 2015-11-10 02:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 17:41 - 2015-11-10 02:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 17:41 - 2015-11-10 02:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 17:41 - 2015-11-10 02:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 17:41 - 2015-11-10 02:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 17:41 - 2015-11-10 02:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 17:41 - 2015-11-10 02:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 17:41 - 2015-11-10 02:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 17:41 - 2015-11-10 02:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 17:41 - 2015-11-10 01:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 17:41 - 2015-11-10 01:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 17:41 - 2015-11-10 01:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 17:41 - 2015-11-10 01:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 17:41 - 2015-11-10 01:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 17:41 - 2015-11-10 01:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 17:41 - 2015-11-10 01:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 17:41 - 2015-11-10 01:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 17:41 - 2015-11-10 01:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 17:41 - 2015-11-10 01:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 17:41 - 2015-11-10 01:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 17:41 - 2015-11-09 00:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 17:41 - 2015-11-09 00:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 17:41 - 2015-11-09 00:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 17:41 - 2015-11-09 00:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 17:41 - 2015-11-09 00:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 17:41 - 2015-11-09 00:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 17:41 - 2015-11-09 00:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 17:41 - 2015-11-09 00:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 17:41 - 2015-11-09 00:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 17:41 - 2015-11-09 00:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 17:41 - 2015-11-09 00:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 17:41 - 2015-11-09 00:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 17:41 - 2015-11-09 00:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 17:41 - 2015-11-09 00:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 17:41 - 2015-11-09 00:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 17:41 - 2015-11-09 00:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 17:41 - 2015-11-08 23:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 17:41 - 2015-11-08 23:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 17:41 - 2015-11-08 23:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 17:41 - 2015-11-08 23:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 17:41 - 2015-11-08 23:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 17:41 - 2015-11-08 23:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 17:41 - 2015-11-08 23:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 17:41 - 2015-11-08 23:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 17:41 - 2015-11-08 23:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 17:41 - 2015-11-08 23:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 17:41 - 2015-11-08 23:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 17:41 - 2015-11-08 23:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 17:41 - 2015-11-08 22:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 17:41 - 2015-11-08 22:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 17:41 - 2015-11-08 22:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 17:41 - 2015-11-05 21:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 17:41 - 2015-11-05 21:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 17:41 - 2015-11-05 11:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 17:37 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 17:37 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-09 05:01 - 2015-12-09 05:01 - 00082445 _____ C:\Users\DJ Dolphin\Desktop\JK-Store 10_11_2015.pdf
2015-12-04 23:05 - 2015-12-04 23:05 - 00631808 _____ C:\Users\DJ Dolphin\Desktop\ebayUmsätze15-10a.xls
2015-12-04 22:53 - 2015-12-04 22:53 - 00049774 _____ C:\Users\DJ Dolphin\Desktop\31_087_02267_Bestätigung der Annahme UStVA 2015 - Oktober_ElsterOnline48.pdf
2015-12-04 22:50 - 2015-12-16 05:51 - 00608768 _____ C:\Users\DJ Dolphin\Desktop\ebayUmsätze15-10.xls
2015-12-04 22:45 - 2015-12-04 22:45 - 00180479 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-10-1.csv
2015-12-04 22:43 - 2015-12-04 22:43 - 00234376 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-10-2.csv
2015-12-04 22:39 - 2015-12-04 22:39 - 00168255 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-10-3.csv
2015-12-04 22:04 - 2015-12-04 22:04 - 00014413 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-10-4a.csv
2015-12-04 22:01 - 2015-12-04 22:01 - 00189262 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-10-3a.csv
2015-12-04 21:58 - 2015-12-04 21:58 - 00208436 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-10-2a.csv
2015-12-04 21:56 - 2015-12-04 21:56 - 00206489 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-10-1a.csv
2015-12-04 21:38 - 2015-12-16 08:38 - 00252928 _____ C:\Users\DJ Dolphin\Desktop\MonthlySummary15-10.xls
2015-12-04 20:12 - 2015-12-04 20:12 - 00049422 _____ C:\Users\DJ Dolphin\Desktop\31_087_02267_Bestätigung der Annahme UStVA 2015 - November_ElsterOnline49.pdf
2015-12-04 19:29 - 2015-12-04 19:29 - 00045133 _____ C:\Users\DJ Dolphin\Desktop\Games Island 04_12_2015-2.pdf
2015-12-04 19:28 - 2015-12-04 19:28 - 00045514 _____ C:\Users\DJ Dolphin\Desktop\Games Island 04_12_2015-1.pdf
2015-12-04 19:24 - 2015-12-04 19:24 - 00009082 _____ C:\Users\DJ Dolphin\Desktop\Magictrade-online 13_11_2015.pdf
2015-12-04 06:23 - 2015-12-14 01:22 - 00000000 ____D C:\Users\DJ Dolphin\Desktop\Magic Bilder
2015-12-04 06:19 - 2015-12-04 06:19 - 00005581 _____ C:\Users\DJ Dolphin\Desktop\7182306.pdf
2015-12-04 06:19 - 2015-12-04 06:19 - 00005580 _____ C:\Users\DJ Dolphin\Desktop\4720779.pdf
2015-12-04 06:19 - 2015-12-04 06:19 - 00005573 _____ C:\Users\DJ Dolphin\Desktop\1798399.pdf
2015-12-04 05:39 - 2015-12-04 05:39 - 00001760 _____ C:\Users\DJ Dolphin\Desktop\Kako 04_11_2015.pdf
2015-12-04 05:37 - 2015-12-04 05:37 - 00001804 _____ C:\Users\DJ Dolphin\Desktop\Kartenkatze 04_11_2015.pdf
2015-12-04 00:07 - 2015-12-04 01:00 - 783214488 _____ (IBM Corp) C:\Users\DJ Dolphin\Desktop\SPSS_Statistics_22_win32_.exe
2015-12-03 08:50 - 2015-12-07 06:47 - 00000000 ____D C:\Users\DJ Dolphin\Desktop\Bilder Jenni
2015-12-03 05:25 - 2015-12-03 05:25 - 00005622 _____ C:\Users\DJ Dolphin\Desktop\BB-Tradingcards 2015-12-02.pdf
2015-12-01 19:45 - 2015-12-04 20:12 - 00169984 _____ C:\Users\DJ Dolphin\Desktop\MonthlySummary15-11.xls
2015-12-01 19:39 - 2015-12-01 19:39 - 00431616 _____ C:\Users\DJ Dolphin\Desktop\ebayUmsätze 15-11.xls
2015-12-01 19:31 - 2015-12-01 19:31 - 00201959 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-11-2.csv
2015-12-01 19:28 - 2015-12-01 19:28 - 00198270 _____ C:\Users\DJ Dolphin\Desktop\SalesHistory15-11-1.csv
2015-12-01 19:22 - 2015-12-01 19:22 - 00254464 _____ C:\Users\DJ Dolphin\Desktop\MonthlySummary.xls
2015-12-01 02:14 - 2015-12-24 06:45 - 00835217 _____ C:\Users\DJ Dolphin\Desktop\genesis 27_11_2015.xlsx
2015-11-30 22:48 - 2015-11-30 22:48 - 00004939 _____ C:\Users\DJ Dolphin\Desktop\Rechnung 15-013.pdf
2015-11-30 06:07 - 2015-11-30 06:07 - 00000000 ____D C:\Users\DJ Dolphin\AppData\Local\CEF
2015-11-30 06:06 - 2015-11-30 06:06 - 00000000 ____D C:\Users\DJ Dolphin\AppData\LocalLow\Adobe
2015-11-30 06:05 - 2015-12-03 08:28 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-30 06:05 - 2015-11-30 10:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-28 19:18 - 2015-11-28 19:18 - 05628416 _____ C:\Users\DJ Dolphin\Desktop\genesis.xls
2015-11-28 18:52 - 2015-11-28 18:52 - 00000242 _____ C:\Users\DJ Dolphin\Desktop\Bilder im TL einfügen.txt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-28 22:05 - 2015-11-18 02:18 - 00000000 ____D C:\Users\DJ Dolphin\Desktop\FRST-OlderVersion
2015-12-28 22:05 - 2015-11-15 08:59 - 00000000 ____D C:\FRST
2015-12-28 22:05 - 2015-11-15 08:59 - 00000000 _____ C:\Users\DJ Dolphin\Desktop\FRST.txt
2015-12-28 22:05 - 2015-11-15 08:58 - 02370560 _____ (Farbar) C:\Users\DJ Dolphin\Desktop\FRST64.exe
2015-12-28 22:03 - 2009-07-14 06:45 - 00016080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-28 22:03 - 2009-07-14 06:45 - 00016080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-28 21:57 - 2015-11-21 04:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-28 21:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows
2015-12-28 21:42 - 2009-07-14 19:58 - 00680310 _____ C:\Windows\system32\perfh007.dat
2015-12-28 21:42 - 2009-07-14 19:58 - 00143982 _____ C:\Windows\system32\perfc007.dat
2015-12-28 21:42 - 2009-07-14 07:13 - 01605670 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-28 21:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2015-12-28 21:41 - 2011-06-20 18:40 - 00115888 _____ C:\Users\DJ Dolphin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-28 21:39 - 2013-03-24 19:21 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-28 21:39 - 2011-08-01 23:49 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-28 21:37 - 2009-07-14 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-28 21:37 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-28 21:37 - 2009-07-14 06:45 - 00422216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-28 21:15 - 2009-07-14 04:34 - 00000591 _____ C:\Windows\win.ini
2015-12-28 20:01 - 2012-07-20 01:30 - 02087100 _____ C:\Windows\ntbtlog.txt
2015-12-28 19:42 - 2011-08-01 23:49 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-28 02:41 - 2011-07-25 01:37 - 00000000 ____D C:\Users\DJ Dolphin\AppData\Local\PokerStars.DESH
2015-12-23 04:38 - 2015-08-17 04:30 - 00000000 ____D C:\Users\DJ Dolphin\Desktop\Office
2015-12-18 06:07 - 2014-08-09 03:35 - 00000000 ____D C:\Users\DJ Dolphin\AppData\Local\Deployment
2015-12-11 15:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 03:07 - 2015-11-16 03:13 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 03:02 - 2012-07-21 21:27 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 07:57 - 2015-11-21 04:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 07:57 - 2012-09-18 12:34 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 07:57 - 2011-07-27 03:00 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 22:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-06 02:30 - 2014-12-17 01:39 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2015-12-02 19:02 - 2011-08-01 23:49 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 19:02 - 2011-08-01 23:49 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 13:18 - 2012-02-16 05:59 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-30 06:07 - 2014-08-31 04:10 - 00000000 ____D C:\Users\DJ Dolphin\AppData\Local\Adobe
2015-11-30 06:07 - 2010-06-08 14:54 - 00000000 ____D C:\ProgramData\Adobe
2015-11-30 06:06 - 2011-06-20 22:38 - 00000000 ____D C:\Users\DJ Dolphin\AppData\Roaming\Adobe
2015-11-30 06:05 - 2013-01-18 08:42 - 00000000 ____D C:\Program Files (x86)\Adobe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-25 03:00 - 2015-07-25 03:00 - 0000046 _____ () C:\Users\DJ Dolphin\AppData\Roaming\Camdata.ini
2015-07-25 03:00 - 2015-07-25 03:00 - 0000408 _____ () C:\Users\DJ Dolphin\AppData\Roaming\CamLayout.ini
2015-07-25 03:00 - 2015-07-25 03:00 - 0000408 _____ () C:\Users\DJ Dolphin\AppData\Roaming\CamShapes.ini
2015-07-25 03:00 - 2015-07-25 03:02 - 0004536 _____ () C:\Users\DJ Dolphin\AppData\Roaming\CamStudio.cfg
2015-07-25 02:59 - 2015-07-30 01:05 - 0000096 _____ () C:\Users\DJ Dolphin\AppData\Roaming\version2.xml
2011-09-20 03:08 - 2011-09-20 03:08 - 0007604 _____ () C:\Users\DJ Dolphin\AppData\Local\Resmon.ResmonCfg
2012-08-23 17:46 - 2012-08-23 17:46 - 0017408 _____ () C:\Users\DJ Dolphin\AppData\Local\WebpageIcons.db
2015-11-13 07:01 - 2015-11-13 07:01 - 0050498 _____ () C:\ProgramData\HELP_DECRYPT.PNG
2015-11-13 07:01 - 2015-11-13 07:01 - 0000292 _____ () C:\ProgramData\HELP_DECRYPT.URL
2014-01-01 04:11 - 2014-01-01 04:12 - 0000353 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-20 00:29
==================== Ende von FRST.txt ============================