Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-06-2017
durchgeführt von mount (06-06-2017 13:07:18)
Gestartet von C:\Users\mount\Desktop
Windows 10 Home Version 1703 (X64) (2017-04-06 21:06:16)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-681119440-2854162237-709840982-500 - Administrator - Disabled)
BitBox (S-1-5-21-681119440-2854162237-709840982-1005 - Limited - Enabled)
DefaultAccount (S-1-5-21-681119440-2854162237-709840982-503 - Limited - Disabled)
Gast (S-1-5-21-681119440-2854162237-709840982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-681119440-2854162237-709840982-1003 - Limited - Enabled)
mount (S-1-5-21-681119440-2854162237-709840982-1001 - Administrator - Enabled) => C:\Users\mount
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
. . (Version: 7.1 - Intel) Hidden
. . . (x32 Version: 2.7.2.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net)
Acronis True Image WD Edition (HKLM-x32\...\{2827436B-605A-4DF5-AE1D-41486BE4FEF7}) (Version: 19.0.32 - Acronis)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Banking 4W (HKLM-x32\...\TopBanking) (Version: - Subsembly GmbH)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.5.3-r302 - Sirrix AG)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 1.13 - Abelssoft)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 27.4.22 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Eraser 6.2.0.2962 (HKLM\...\{C6E287F1-2E47-45F0-BB51-94F815CFFB48}) (Version: 6.2.2962 - The Eraser Project)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Harmony Remote Update (HKLM-x32\...\HarmonyRemoteUpdate) (Version: 7.7.1 - Logitech - HarmonyRemoteClient)
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{954190cd-c66c-4650-bd15-f3dd85f2ae15}) (Version: 2.7.2.4 - Intel)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
KeePass Password Safe 2.35 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.35 - Dominik Reichl)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-681119440-2854162237-709840982-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.8.106.0 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MyHarmony (HKU\S-1-5-21-681119440-2854162237-709840982-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Oracle VM VirtualBox 5.1.14_Sirrix (HKLM\...\{4A096316-9628-40E6-8363-0F05BA0469CB}) (Version: 5.1.14 - Sirrix AG)
PDF-XChange Editor (HKLM-x32\...\{e44f0a83-eeaa-471b-8e1e-5475e4183164}) (Version: 6.0.319.0 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 6.0.319.0 - Tracker Software Products (Canada) Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17042.12 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17042.12 - Samsung Electronics Co., Ltd.) Hidden
Smart View (HKLM-x32\...\{C7B50A89-F1D6-41C1-9375-0AF0C4CFE66F}) (Version: 1.0.0.0 - Samsung )
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.19 - IDRIX)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.8 - MSI)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows-Treiberpaket - RemoteControl (RemoteControlUSBLAN) Net (06/02/2016 02.04.10.001) (HKLM\...\A14D4158722037A4DD816446D7339B41F11276D9) (Version: 06/02/2016 02.04.10.001 - RemoteControl)
X-Mouse Button Control 2.16 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.16 - Highresolution Enterprises)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-681119440-2854162237-709840982-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\mount\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-681119440-2854162237-709840982-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\mount\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1ADA59A3-29BB-49AE-BC12-9C24F0BCAD77} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2016-08-15] (Microsoft Corporation)
Task: {1F18A8A1-4B1B-4980-81CF-AE338661FAFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.)
Task: {1F9D81A9-B326-4FBF-9DDB-7000F30F5DD6} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\SymErr.exe
Task: {254DF889-6653-4F23-9941-13C98ACDB5CF} - System32\Tasks\Abelssoft\StartBackgroundguardWithWindows => C:\Program Files (x86)\CheckDrive\CheckDrive.exe [2016-12-19] (Ascora GmbH)
Task: {375E80C5-9D8E-4E95-A217-92CBB95A1983} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
Task: {4FBAB7AA-0BC7-401D-AD5A-A2A6FD525CC9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-17] (Dropbox, Inc.)
Task: {505A3405-CA38-4EF4-8DBB-FAFA083C46DA} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\SymErr.exe
Task: {56B70F7A-A353-45DC-B7CE-C816B3354B3C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11] (Adobe Systems Incorporated)
Task: {674E2470-1A2C-4E89-933F-991DA41695E9} - System32\Tasks\herdProtectScan => C:\Program Files\Reason\herdProtect\Scanner\herdProtectScan.exe [2014-12-18] (Reason Software Company Inc.)
Task: {6BD82650-32BF-4BFC-BD1F-05C7C815AB1E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {737187ED-3C6A-4EA3-9EAA-11948F7A99C4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\WSCStub.exe
Task: {93D004D2-95F7-476A-B80D-D8ADF532E9CB} - System32\Tasks\S-1-5-21-681119440-2854162237-709840982-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {9C35759F-71BB-448F-B498-790416A144DC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-17] (Dropbox, Inc.)
Task: {A72550E3-F461-4CCB-B567-8865EBBCC95B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2016-08-15] (Microsoft Corporation)
Task: {A8643701-3336-475B-946E-14DBB1231E7A} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
Task: {AD7C1B37-E7D1-493A-8419-CD0FDE73CB7C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2016-08-15] (Microsoft)
Task: {AE55D9F9-876A-425E-9238-C24CC0025AE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-26] (Google Inc.)
Task: {BC09B15A-24F0-4662-9C0B-04351F9855B3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2016-08-15] (Microsoft Corporation)
Task: {D0BC1203-7827-406C-83D9-26F216E95770} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {F82BC691-FE62-4237-9C99-9AA2B1FFE281} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.8.1.14\SymErr.exe
Task: {FBDCE58F-536A-4B3E-96A5-FB7CF99692C0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2016-08-15] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-03-07 20:04 - 2017-03-07 20:04 - 00157456 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2017-02-15 22:48 - 2017-04-19 20:09 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-12-17 21:38 - 2016-12-17 21:38 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 22:59 - 2017-03-20 06:36 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-25 20:52 - 2017-05-25 20:52 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-25 20:52 - 2017-05-25 20:52 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-25 20:52 - 2017-05-25 20:52 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-25 20:52 - 2017-05-25 20:52 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-23 21:01 - 2017-05-23 21:01 - 03982336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1302.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-05-23 21:01 - 2017-05-23 21:01 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1302.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-08 18:59 - 2017-05-08 18:59 - 00765440 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Vui.dll
2017-05-08 18:59 - 2017-05-08 18:59 - 10601984 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-05-08 18:59 - 2017-05-08 18:59 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-05-24 19:29 - 2017-05-24 19:30 - 01726976 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe\HxMail.exe
2017-05-24 19:29 - 2017-05-24 19:30 - 13096136 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-05-05 20:40 - 2017-05-05 20:41 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-05-05 20:40 - 2017-05-05 20:41 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-05-05 20:40 - 2017-05-05 20:41 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-05-05 20:40 - 2017-05-05 20:41 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-05 20:40 - 2017-05-05 20:41 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-05 20:40 - 2017-05-05 20:41 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-12-17 22:42 - 2016-12-17 22:42 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-05-05 20:40 - 2017-05-05 20:41 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-05 20:40 - 2017-05-05 20:41 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-06-28 01:19 - 2016-06-28 01:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\kpcengine.2.3.dll
2010-12-23 12:06 - 2010-12-23 12:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 16:21 - 2012-10-27 16:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 16:22 - 2012-10-27 16:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 16:23 - 2012-10-27 16:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 17:03 - 2014-06-30 17:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2014-04-30 09:25 - 2014-04-30 09:25 - 00036352 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_psutil_windows.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2014-06-30 17:04 - 2014-06-30 17:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00055510 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser._pacparser.pyd
2014-04-14 16:06 - 2014-04-14 16:06 - 00976827 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pacparser.dll
2012-10-27 16:20 - 2012-10-27 16:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 16:20 - 2012-10-27 16:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2016-08-10 15:16 - 2016-08-10 15:16 - 00692760 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\mount\Downloads\Schirmer_Stueble-Browser-in-the-Box.pdf:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-10 13:04 - 2017-06-02 00:17 - 00000938 ____R C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-681119440-2854162237-709840982-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mount\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 3
MSCONFIG\Services: KSDE1.0.0 => 3
MSCONFIG\Services: ManyCam Service => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "Eraser"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKU\S-1-5-21-681119440-2854162237-709840982-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-681119440-2854162237-709840982-1001\...\StartupApproved\Run: => "Norton Download Manager{NS2281014-SHPD-FSD570026}"
HKU\S-1-5-21-681119440-2854162237-709840982-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-681119440-2854162237-709840982-1001\...\StartupApproved\Run: => "CryptSync"
HKU\S-1-5-21-681119440-2854162237-709840982-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-681119440-2854162237-709840982-1001\...\StartupApproved\Run: => "VeraCrypt"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A044922C-1937-497D-9ECD-03F5453038A9}] => (Allow) C:\Users\mount\AppData\Local\Temp\7zSEB4E.tmp\SymNRT.exe
FirewallRules: [{0A3ACCF4-9DD6-4D51-BCC2-29284489ABC4}] => (Allow) C:\Users\mount\AppData\Local\Temp\7zSEB4E.tmp\SymNRT.exe
FirewallRules: [{DF26E4A5-2235-41D2-BEC5-A7063DDA918D}] => (Allow) C:\Users\mount\AppData\Local\Temp\7zSC4C9.tmp\SymNRT.exe
FirewallRules: [{1C0D200E-1348-4BC8-A242-BB785363279B}] => (Allow) C:\Users\mount\AppData\Local\Temp\7zSC4C9.tmp\SymNRT.exe
FirewallRules: [{037BCCF9-B5D0-4A34-B56D-A2C890F9BBAA}] => (Allow) C:\Users\mount\AppData\Local\Temp\7zS5ECF.tmp\SymNRT.exe
FirewallRules: [{D478CBC0-D974-4819-B64A-EAA9303723C1}] => (Allow) C:\Users\mount\AppData\Local\Temp\7zS5ECF.tmp\SymNRT.exe
FirewallRules: [{621CBDC3-9A1F-4592-89B2-72B94EEA75A7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{A987D9E0-934D-4D44-9A5D-7F6590EA8FA6}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{934C790F-7F7F-4566-AC78-995A0BDECEF6}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe
FirewallRules: [{9DDB6993-1E26-4911-BD28-E0D21171295B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{83CDE20A-4B08-4DEC-8FF1-38CD16C2D7B3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{4EFD086E-3D1B-4044-B40B-D1C92C85E301}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{67BA9932-46BB-4D05-9F86-3494844FABEE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Wiederherstellungspunkte =========================
18-05-2017 20:02:24 Vor Helium, Desktop
23-05-2017 22:46:44 Windows Update
24-05-2017 23:13:30 JRT Pre-Junkware Removal
31-05-2017 21:18:42 Wiederherstellungsvorgang
01-06-2017 23:39:58 JRT Pre-Junkware Removal
02-06-2017 20:18:16 G DATA CLEAN UP Systemwiederherstellungspunkt
02-06-2017 20:18:50 JRT Pre-Junkware Removal
02-06-2017 21:25:05 Revo Uninstaller's restore point - Mozilla Firefox 53.0.3 (x86 de)
02-06-2017 21:26:39 Revo Uninstaller's restore point - Mozilla Firefox 53.0 (x64 de)
02-06-2017 21:31:40 Revo Uninstaller's restore point - Mozilla Firefox 53.0.3 (x86 de)
03-06-2017 12:11:20 herdProtect before 4 removals
03-06-2017 22:49:27 Installed Oracle VM VirtualBox 5.1.14_Sirrix
03-06-2017 23:12:33 Installed Oracle VM VirtualBox 5.1.22
03-06-2017 23:15:16 Removed Oracle VM VirtualBox 5.1.22
03-06-2017 23:19:33 Installed Oracle VM VirtualBox 5.1.22
03-06-2017 23:27:08 Installed Oracle VM VirtualBox 5.1.14_Sirrix
03-06-2017 23:32:01 Installed Oracle VM VirtualBox 5.1.22
03-06-2017 23:35:25 Installed Oracle VM VirtualBox 5.1.22
05-06-2017 23:07:56 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/06/2017 11:42:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Error: (06/05/2017 07:01:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Error: (06/05/2017 07:01:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Innovative Solutions\DriverMax\DPInst\ia64\ddinst.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/05/2017 06:25:28 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (06/05/2017 06:21:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Error: (06/05/2017 06:21:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Innovative Solutions\DriverMax\DPInst\ia64\ddinst.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/04/2017 04:39:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Error: (06/04/2017 04:39:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Innovative Solutions\DriverMax\DPInst\ia64\ddinst.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/04/2017 12:04:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-57KB3AR)
Description: Das Paket „Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe+ContentProcess#{00031401-0001-0000-f443-190000000000}“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (06/03/2017 11:29:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Systemfehler:
=============
Error: (06/06/2017 11:46:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-57KB3AR)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/06/2017 12:46:49 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-57KB3AR)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/05/2017 11:11:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-57KB3AR)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/05/2017 11:11:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-57KB3AR)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/05/2017 10:33:59 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "I:" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.
Error: (06/05/2017 07:19:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/05/2017 07:11:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Scout Update-Dienst (scupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (06/05/2017 07:09:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (06/05/2017 07:09:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-57KB3AR)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/05/2017 07:04:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-06-05 21:42:44.452
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\mount\Desktop\Umzug 03.06.17\Eigene Dat\Aktuelle Portable Programme\SpybotPortable\App\Spybot\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-05 21:42:44.451
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\mount\Desktop\Umzug 03.06.17\Eigene Dat\Aktuelle Portable Programme\SpybotPortable\App\Spybot\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-05 21:09:56.985
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\mount\Desktop\Umzug 03.06.17\Eigene Dat\Aktuelle Portable Programme\SpybotPortable\App\Spybot\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-05 21:09:56.983
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\mount\Desktop\Umzug 03.06.17\Eigene Dat\Aktuelle Portable Programme\SpybotPortable\App\Spybot\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-05 19:35:25.042
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-04 19:50:46.795
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-03 21:33:15.714
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\mount\Desktop\Umzug 03.06.17\Eigene Dat\Aktuelle Portable Programme\SpybotPortable\App\Spybot\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-03 21:33:15.711
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\mount\Desktop\Umzug 03.06.17\Eigene Dat\Aktuelle Portable Programme\SpybotPortable\App\Spybot\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-03 21:33:15.709
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\mount\Desktop\Umzug 03.06.17\Eigene Dat\Aktuelle Portable Programme\SpybotPortable\App\Spybot\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-03 21:33:15.708
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\mount\Desktop\Umzug 03.06.17\Eigene Dat\Aktuelle Portable Programme\SpybotPortable\App\Spybot\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8085 MB
Verfügbarer physikalischer RAM: 4940.19 MB
Summe virtueller Speicher: 9365 MB
Verfügbarer virtueller Speicher: 5958.95 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.33 GB) (Free:153.74 GB) NTFS
Drive e: (Mounti´s Own Intern) (Fixed) (Total:634.77 GB) (Free:457.78 GB) NTFS
Drive f: (Images Intern) (Fixed) (Total:296.3 GB) (Free:239.49 GB) NTFS
Drive g: (Key-Stick) (Removable) (Total:14.48 GB) (Free:14.41 GB) NTFS
Drive h: (KINGSTON) (Removable) (Total:7.32 GB) (Free:7.27 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BB2F404F)
Partition 1: (Not Active) - (Size=634.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296.3 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 14.5 GB) (Disk ID: 4E0A0D00)
No partition Table on disk 2.
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 7.3 GB) (Disk ID: 38E53988)
Partition 1: (Active) - (Size=7.3 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2017
durchgeführt von mount (Administrator) auf DESKTOP-57KB3AR (06-06-2017 13:06:48)
Gestartet von C:\Users\mount\Desktop
Geladene Profile: mount (Verfügbare Profile: mount)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Ascora GmbH) C:\Program Files (x86)\CheckDrive\CheckDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1302.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1519824 2017-05-17] (Highresolution Enterprises)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1085512 2015-01-12] (The Eraser Project)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [497824 2016-08-10] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2867712 2017-01-09] (Dominik Reichl)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [29246632 2017-05-30] (Dropbox, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-11-10] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6814192 2016-08-10] ()
HKU\S-1-5-21-681119440-2854162237-709840982-1001\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2867712 2017-01-09] (Dominik Reichl)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> Keine Datei
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2017-06-05]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Keine Datei)
Startup: C:\Users\mount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar769.lnk [2017-06-06]
ShortcutTarget: Sidebar769.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 80.69.96.12 81.210.129.4
Tcpip\..\Interfaces\{55481a94-9711-4d63-8c74-61e78b7c561a}: [NameServer] 192.168.0.1
Tcpip\..\Interfaces\{55481a94-9711-4d63-8c74-61e78b7c561a}: [DhcpNameServer] 80.69.96.12 81.210.129.4
Tcpip\..\Interfaces\{b5698cd8-210e-4081-902d-470b6856adc5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-06] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2017-03-06] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\IEExt\ie_plugin.dll [2017-03-06] (AO Kaspersky Lab)
Edge:
======
Edge Extension: (Adguard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_2.5.18.0_neutral__m055xr0c82818 [2017-05-31]
FireFox:
========
FF DefaultProfile: fdjex74n.default-1496435919112
FF ProfilePath: C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112 [2017-06-06]
FF NewTab: Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112 -> chrome://fvd.speeddial/content/fvd_about_blank.html
FF Homepage: Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112 -> chrome://speeddial/content/speeddial.xul
FF Extension: (SetupVPN) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\@setupvpncom.xpi [2017-06-05]
FF Extension: (VPN Unlimited – Secure Proxy & WiFi Hotspot) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\@vpn-unlimited-secure-proxy.xpi [2017-06-05]
FF Extension: (Avira Browser Safety) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\abs@avira.com.xpi [2017-06-04]
FF Extension: (Classic Theme Restorer) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2017-06-02]
FF Extension: (CLEO) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\CLEO@guid.customsoftwareconsult.com [2017-06-03]
FF Extension: (Classic Toolbar Buttons) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\CSTBB@NArisT2_Noia4dev.xpi [2017-06-02]
FF Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\hotspot-shield@anchorfree.com.xpi [2017-06-05]
FF Extension: (HTTPS Everywhere) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\https-everywhere@eff.org.xpi [2017-06-02]
FF Extension: (Pushbullet) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2017-06-02]
FF Extension: (KeeFox) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\keefox@chris.tomlinson [2017-06-02]
FF Extension: (My Public IP) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\mypublicip@csiz.net.xpi [2017-06-02]
FF Extension: (Sticky Notes) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\sticky@filenamezero.dip.jp.xpi [2017-06-02]
FF Extension: (uBlock Origin) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\uBlock0@raymondhill.net.xpi [2017-06-02]
FF Extension: (Vertical Toolbar) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\verticaltoolbar@xuldev.org.xpi [2017-06-02]
FF Extension: (Toolbar Buttons) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}.xpi [2017-06-05]
FF Extension: (FireShot) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2017-06-02]
FF Extension: (Flashblock) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2017-06-02]
FF Extension: (FEBE) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2017-06-03]
FF Extension: (InFormEnter) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920} [2017-06-02]
FF Extension: (Speed Dial) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2017-06-02]
FF Extension: (Bluhell Firewall) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2017-06-04]
FF Extension: (Download Status Bar) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2017-06-02]
FF Extension: (Google Keep Notes) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{a94d60a0-8408-4c53-8eec-cb349eb958b8}.xpi [2017-06-02]
FF Extension: (gtranslate) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2017-06-02]
FF Extension: (eCleaner) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi [2017-06-05]
FF Extension: (BetterPrivacy) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2017-06-02]
FF Extension: (Tab Mix Plus) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-06-02]
FF Extension: (Web Messenger for WhatsApp™) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\Extensions\{e1ab1333-aff6-42fe-84a5-55be2409491b}.xpi [2017-06-02]
FF Extension: (Follow-on Search Telemetry) - C:\Users\mount\AppData\Roaming\Mozilla\Firefox\Profiles\fdjex74n.default-1496435919112\features\{212a3cd9-7cbc-4f80-8928-ab317e14f447}\followonsearch@mozilla.com.xpi [2017-06-05]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-03-06]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-11-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-11-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-11-28] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-681119440-2854162237-709840982-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-11-28] (Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html
CHR StartupUrls: Default -> "chrome://newtab/"
CHR NewTab: Default -> Not-active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Profile: C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default [2017-06-02]
CHR Extension: (Google*Übersetzer) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-04-24]
CHR Extension: (Google Präsentationen) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-24]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2017-04-24]
CHR Extension: (Google Docs) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-24]
CHR Extension: (Google Drive) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-24]
CHR Extension: (Session Manager) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2017-04-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2017-04-24]
CHR Extension: (YouTube) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-24]
CHR Extension: (Adblock Plus) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-24]
CHR Extension: (Pushbullet) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2017-04-24]
CHR Extension: (Google Tabellen) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-24]
CHR Extension: (Kaspersky Protection) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-04-24]
CHR Extension: (Deaktivierungs-Add-on von Google Analytics) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2017-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-24]
CHR Extension: (IP-Address) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghlojgpiinfelppegaabbiphgomaidml [2017-06-01]
CHR Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\heajfgnegopeedndeahkdjedjkjcmnpb [2017-06-01]
CHR Extension: (Google Notizen – Notizen & Listen) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-06-01]
CHR Extension: (Pixlr Editor) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2017-04-24]
CHR Extension: (Norton Identity Safe) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-04-24]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2017-04-24]
CHR Extension: (Downloads) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2017-04-24]
CHR Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2017-04-24]
CHR Extension: (Hotspot Shield Free VPN Proxy – Entsperrung) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2017-06-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-24]
CHR Extension: (Dolphin Connect) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\pajecklcmiegagoelbbjldmfcbcpdpll [2017-04-24]
CHR Extension: (Google Mail) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\mount\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-30]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1135088 2016-08-10] ()
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2017-04-03] (Sirrix AG) [Datei ist nicht signiert]
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-17] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-17] (Dropbox, Inc.)
S4 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-30] (Dropbox, Inc.)
S4 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-12-17] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S4 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] ()
S4 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
S2 scupdate; "C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe" /svc [X]
S3 scupdatem; "C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe" /medsvc [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [339808 2016-12-18] (Acronis International GmbH)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-11] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-11] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-11] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-04-07] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-05-24] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-05-31] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251664 2017-04-19] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-06-06] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-05-24] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-06-05] (Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1049432 2016-12-18] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [202592 2016-12-18] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [581464 2016-12-18] (Acronis International GmbH)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [207944 2017-03-22] (Oracle Corporation)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [467368 2017-03-28] (IDRIX)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [301408 2016-12-18] (Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-06 13:06 - 2017-06-06 13:06 - 02433536 _____ (Farbar) C:\Users\mount\Desktop\FRST64.exe
2017-06-06 13:06 - 2017-06-06 13:06 - 00032530 _____ C:\Users\mount\Desktop\FRST.txt
2017-06-06 13:06 - 2017-06-06 13:06 - 00000000 ____D C:\FRST
2017-06-06 12:22 - 2017-06-06 12:22 - 00112912 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-06-06 12:06 - 2017-06-06 12:08 - 00000000 ____D C:\Users\mount\Desktop\mbam
2017-06-06 11:42 - 2017-06-06 11:44 - 00000000 ____D C:\Users\mount\Desktop\Logs06.06
2017-06-05 23:09 - 2017-06-05 23:09 - 00000655 _____ C:\Users\mount\Desktop\JRT1.txt
2017-06-05 21:12 - 2017-06-05 21:12 - 00000000 ____D C:\Users\mount\Desktop\Windows Keys
2017-06-05 19:07 - 2017-06-05 19:07 - 00000207 _____ C:\Users\mount\Desktop\Neue Internetverknüpfung.url
2017-06-05 19:01 - 2017-06-05 19:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-06-05 19:01 - 2017-06-05 19:01 - 00000000 ____D C:\ProgramData\McAfee
2017-06-05 19:00 - 2017-06-05 19:00 - 12175224 _____ C:\Users\mount\Downloads\saSetup.exe
2017-06-04 22:55 - 2017-06-04 20:39 - 3221225472 _____ C:\Users\mount\Desktop\VeraCrypt.hc
2017-06-04 19:59 - 2017-06-04 19:59 - 00000000 ____D C:\Users\mount\Documents\FeedbackHub
2017-06-03 23:35 - 2017-03-22 07:42 - 00207944 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2017-06-03 23:28 - 2017-06-03 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2017-06-03 23:28 - 2017-06-03 23:28 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2017-06-03 23:27 - 2017-06-03 23:27 - 00000000 ____D C:\Program Files\Oracle
2017-06-03 23:25 - 2017-06-03 23:25 - 00617444 _____ C:\Users\mount\Downloads\Browser-in-the-Box_Benutzerhandbuch.pdf
2017-06-03 23:24 - 2017-06-03 23:26 - 631916544 _____ (Sirrix AG) C:\Users\mount\Downloads\browser_in_the_box.4.5.3-r302.firefox-00108.archive.exe
2017-06-03 23:19 - 2017-06-03 23:24 - 00000000 ____D C:\Users\mount\.VirtualBox
2017-06-03 23:19 - 2017-03-22 07:42 - 00958392 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2017-06-03 23:16 - 2017-06-03 23:16 - 123669848 _____ (Oracle Corporation) C:\Users\mount\Downloads\VirtualBox-5.1.22-115126-Win.exe
2017-06-03 23:00 - 2017-06-03 23:00 - 00000000 ____D C:\Users\mount\AppData\Roaming\Sirrix AG
2017-06-03 22:49 - 2017-06-03 23:28 - 00000000 ____D C:\ProgramData\Sirrix AG
2017-06-03 22:45 - 2017-06-03 22:45 - 02582036 _____ C:\Users\mount\Downloads\Schirmer_Stueble-Browser-in-the-Box.pdf
2017-06-03 22:30 - 2017-06-03 22:31 - 3646816256 _____ C:\Users\mount\Desktop\Windows 06-2017.iso
2017-06-03 22:17 - 2017-06-03 22:34 - 00000000 ____D C:\ESD
2017-06-03 22:16 - 2017-06-03 22:16 - 18357776 _____ (Microsoft Corporation) C:\Users\mount\Downloads\MediaCreationTool.exe
2017-06-03 22:16 - 2017-06-03 22:16 - 00000000 ___HD C:\$Windows.~WS
2017-06-03 22:16 - 2017-06-03 22:16 - 00000000 ____D C:\$WINDOWS.~BT
2017-06-03 22:06 - 2017-06-03 22:08 - 00000000 ____D C:\Users\mount\My Drivers
2017-06-03 22:06 - 2017-06-03 22:06 - 00000000 ____D C:\Users\mount\AppData\Roaming\Innovative Solutions
2017-06-03 22:06 - 2017-06-03 22:06 - 00000000 ____D C:\Users\mount\AppData\Local\Innovative Solutions
2017-06-03 21:26 - 2017-06-03 22:14 - 00000000 ____D C:\Users\mount\Desktop\Umzug 03.06.17
2017-06-03 20:52 - 2017-06-03 20:52 - 43370704 _____ (Microsoft Corporation) C:\Users\mount\Downloads\Windows-KB890830-x64-V5.48.exe
2017-06-03 12:40 - 2017-06-03 12:40 - 00003746 _____ C:\WINDOWS\System32\Tasks\herdProtectScan
2017-06-03 11:58 - 2017-06-03 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
2017-06-03 11:58 - 2017-06-03 11:58 - 00000000 ____D C:\Program Files\Reason
2017-06-03 11:57 - 2017-06-03 11:57 - 02873112 _____ (Reason Company Software Inc.) C:\Users\mount\Downloads\herdProtectScan_Setup1039.exe
2017-06-02 21:48 - 2017-06-02 21:52 - 00000000 ____D C:\Users\mount\AppData\Local\Mozilla
2017-06-02 21:48 - 2017-06-02 21:48 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-06-02 21:48 - 2017-06-02 21:48 - 00000000 ____D C:\Users\mount\AppData\Roaming\Mozilla
2017-06-02 21:48 - 2017-06-02 21:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-02 21:48 - 2017-06-02 21:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-02 21:28 - 2017-06-02 21:28 - 00246328 _____ (Mozilla) C:\Users\mount\Downloads\Firefox Setup Stub 53.0.3.exe
2017-06-02 20:14 - 2017-06-02 20:18 - 00000000 ____D C:\ProgramData\G DATA
2017-06-02 19:16 - 2017-06-06 00:44 - 00000000 ____D C:\Users\mount\Desktop\Logs 2.6
2017-06-02 19:10 - 2017-06-02 19:10 - 02444208 _____ C:\Users\mount\Downloads\avira_pc_cleaner_de.exe
2017-06-02 19:08 - 2017-06-02 19:09 - 17566624 _____ (G DATA Software AG) C:\Users\mount\Downloads\GDCleanUp.exe
2017-06-02 18:26 - 2017-06-02 18:26 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\66DE54C0.sys
2017-06-02 18:25 - 2017-06-06 00:24 - 00000000 ____D C:\Users\mount\Desktop\Logs 01.06
2017-06-02 01:11 - 2017-06-02 01:11 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-06-02 00:17 - 2017-06-02 00:16 - 00454512 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20170602-001715.backup
2017-06-02 00:16 - 2015-07-10 13:02 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20170602-001641.backup
2017-06-01 23:02 - 2017-06-04 20:02 - 00000000 ____D C:\Users\mount\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2017-06-01 21:12 - 2017-06-01 21:12 - 00000000 ___HD C:\OneDriveTemp
2017-06-01 21:08 - 2017-06-01 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-31 23:01 - 2017-05-31 23:01 - 04370599 _____ C:\Users\mount\Downloads\Banking4W.Handbuch(2).pdf
2017-05-31 21:38 - 2017-05-31 21:38 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-05-30 22:39 - 2017-05-30 22:39 - 01130328 _____ (Google Inc.) C:\Users\mount\Downloads\ChromeSetup.exe
2017-05-30 22:13 - 2010-11-04 22:55 - 00659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2017-05-30 22:13 - 2010-11-04 22:55 - 00415552 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\COMCT332.OCX
2017-05-30 22:13 - 2010-11-04 22:55 - 00258880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX
2017-05-30 22:13 - 2010-11-04 22:55 - 00221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2017-05-30 22:13 - 2010-11-04 22:55 - 00218432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX
2017-05-30 22:13 - 2010-11-04 22:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2017-05-30 22:13 - 2010-11-04 22:55 - 00155984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2017-05-30 22:13 - 2010-11-04 22:55 - 00127808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX
2017-05-30 22:13 - 2010-11-04 22:55 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2017-05-30 22:13 - 2010-11-04 22:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2017-05-30 22:13 - 2010-11-04 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2017-05-30 22:13 - 2010-11-04 22:55 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb
2017-05-30 22:13 - 2010-11-04 22:55 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL
2017-05-30 22:13 - 2010-11-04 22:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXDE.DLL
2017-05-30 22:13 - 2010-11-04 22:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGDE.DLL
2017-05-30 22:13 - 2010-11-04 22:55 - 00028672 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\CMCT3DE.DLL
2017-05-30 22:13 - 2010-11-04 22:55 - 00024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnde.dll
2017-05-30 22:13 - 2010-11-04 22:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTDE.DLL
2017-05-30 22:13 - 2010-11-04 22:55 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKDE.DLL
2017-05-30 22:09 - 2017-05-30 22:09 - 00000000 ____D C:\Users\mount\AppData\Local\Visicom Media
2017-05-30 22:05 - 2017-05-30 22:05 - 22660464 _____ (Microsoft Corporation) C:\Users\mount\Downloads\LifeCam3.60.exe
2017-05-30 20:52 - 2017-05-30 20:52 - 04370599 _____ C:\Users\mount\Downloads\Banking4W.Handbuch.pdf
2017-05-30 20:49 - 2017-05-30 20:47 - 00451752 _____ C:\Users\mount\Documents\klug_2017-05-26_10-30-28.pdf
2017-05-30 20:47 - 2017-05-30 20:47 - 00451752 _____ C:\Users\mount\Downloads\klug_2017-05-26_10-30-28.pdf
2017-05-30 20:17 - 2017-05-30 20:17 - 01268910 _____ C:\Users\mount\Downloads\fritzwlan-repeater-310Kurzanleitung.pdf
2017-05-30 20:17 - 2017-05-30 20:17 - 01170087 _____ C:\Users\mount\Downloads\fritzwlan-repeater-310_Handbuch.pdf
2017-05-30 12:22 - 2017-05-30 12:22 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-05-26 22:54 - 2017-05-26 22:54 - 00698089 _____ C:\Users\mount\Downloads\firemzr-setup.exe
2017-05-24 23:34 - 2017-05-24 23:34 - 00426064 _____ (PortableApps.com) C:\Users\mount\Downloads\McAfeeStingerPortable_12.1.0.2351_English_online.paf.exe
2017-05-24 23:32 - 2017-05-24 23:32 - 16160488 _____ (McAfee Inc) C:\Users\mount\Downloads\stinger32.exe
2017-05-24 23:32 - 2017-05-24 23:32 - 15535382 _____ C:\Users\mount\Downloads\stinger64-epo.zip
2017-05-24 23:18 - 2017-05-24 23:18 - 08405857 _____ C:\Users\mount\Downloads\ccsetup530.zip
2017-05-24 23:18 - 2017-05-24 23:18 - 08405857 _____ C:\Users\mount\Downloads\ccsetup530(1).zip
2017-05-24 19:49 - 2017-05-24 19:50 - 00000000 ____D C:\Users\mount\Desktop\Kontoauszüge für Grundsicherung 05-17
2017-05-24 19:45 - 2017-05-24 19:45 - 00229288 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-05-24 19:45 - 2017-05-24 19:45 - 00173144 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-05-22 20:00 - 2017-06-01 23:44 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-18 20:10 - 2017-05-18 20:10 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-05-18 20:10 - 2017-05-18 20:10 - 00000000 ____D C:\Users\mount\.android
2017-05-18 20:09 - 2017-05-18 20:09 - 11058688 _____ C:\Users\mount\Downloads\CarbonSetup_1.0.0(1).msi
2017-05-18 20:03 - 2017-05-18 20:03 - 11058688 _____ C:\Users\mount\Downloads\CarbonSetup_1.0.0.msi
2017-05-18 19:54 - 2017-05-18 19:54 - 27750400 _____ C:\Users\mount\Downloads\kaspersky_anti_ransomware_tool_for_business_1.1.24.0_en.msi
2017-05-17 21:11 - 2017-05-17 21:11 - 00000000 ____D C:\Users\mount\AppData\Roaming\Cybereason
2017-05-17 21:11 - 2017-05-17 21:11 - 00000000 ____D C:\Users\mount\AppData\Local\Cybereason
2017-05-17 21:11 - 2017-05-17 21:11 - 00000000 ____D C:\ProgramData\Cybereason
2017-05-17 21:10 - 2017-05-17 21:10 - 04481024 _____ C:\Users\mount\Downloads\Cybereason227RansomFree.msi
2017-05-17 20:40 - 2017-05-17 20:40 - 04370599 _____ C:\Users\mount\Downloads\Banking4W.Handbuch(1).pdf
2017-05-16 21:14 - 2017-05-16 21:14 - 00076692 _____ C:\Users\mount\Downloads\Meine%20RheinEnergie%20005056862D021ED78EC71AAB7FB96FC9.pdf
2017-05-15 19:44 - 2017-05-15 19:44 - 00702979 _____ C:\Users\mount\Downloads\Meine%20RheinEnergie%20005056863B4E1EE78EB2C2F00120E773.pdf
2017-05-10 20:11 - 2017-05-10 20:11 - 01163424 _____ (Opera Software) C:\Users\mount\Downloads\Opera_PortableSetup.exe
2017-05-10 19:55 - 2017-05-10 19:55 - 08611678 _____ C:\Users\mount\Downloads\Bedienungsanleitungen.pdf
2017-05-10 19:55 - 2017-05-10 19:55 - 00544628 _____ C:\Users\mount\Downloads\bioSnacky-Broschuere.pdf
2017-05-09 20:47 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 20:47 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 20:47 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 20:47 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 20:47 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 20:47 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 20:47 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 20:47 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 20:47 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 20:47 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 20:47 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 20:47 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 20:47 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 20:47 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 20:47 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 20:47 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 20:47 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 20:47 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 20:47 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 20:47 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 20:47 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 20:47 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 20:47 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 20:47 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 20:47 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 20:47 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 20:47 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 20:47 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 20:47 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 20:47 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 20:47 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 20:47 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 20:47 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 20:47 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 20:47 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 20:47 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 20:47 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 20:47 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 20:47 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 20:47 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 20:47 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 20:47 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 20:47 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 20:47 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 20:47 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 20:47 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 20:47 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 20:47 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 20:47 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 20:47 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 20:47 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 20:47 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 20:47 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 20:47 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 20:47 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 20:47 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 20:47 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 20:47 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 20:47 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 20:47 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 20:47 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 20:47 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 20:47 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 20:47 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 20:47 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 20:47 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 20:47 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 20:47 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 20:47 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 20:47 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 20:47 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 20:47 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 20:47 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 20:47 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 20:47 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 20:47 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 20:47 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 20:47 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 20:47 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 20:47 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 20:47 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 20:47 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 20:47 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 20:47 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 20:47 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 20:47 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 20:47 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 20:47 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 20:47 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 20:47 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 20:47 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 20:47 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 20:47 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 20:47 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 20:47 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 20:47 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 20:47 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 20:47 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 20:47 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 20:47 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 20:47 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 20:47 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 20:47 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 20:47 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 20:47 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 20:47 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 20:47 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 20:47 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 20:47 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 20:47 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 20:47 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 20:47 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 20:47 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 19:06 - 2017-05-08 19:06 - 00051209 _____ C:\Users\mount\Downloads\Anschreiben Anforderung FB + Vergütung.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-06 13:04 - 2017-04-06 22:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-06 13:04 - 2016-12-17 22:27 - 00000000 ____D C:\Users\mount\AppData\LocalLow\Mozilla
2017-06-06 12:21 - 2017-02-16 00:06 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-06-06 12:05 - 2017-04-06 22:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-06-06 12:05 - 2016-12-17 21:41 - 00000000 __SHD C:\Users\mount\IntelGraphicsProfiles
2017-06-06 11:46 - 2016-12-17 22:52 - 00000000 ____D C:\Users\mount\AppData\Roaming\KeePass
2017-06-06 11:42 - 2017-04-06 23:00 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{97F54320-3646-4235-B7C2-96E986664E7C}
2017-06-05 23:02 - 2017-02-08 23:03 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-05 23:02 - 2017-01-02 01:05 - 00000000 ____D C:\AdwCleaner
2017-06-05 21:32 - 2016-12-17 21:43 - 00000000 ___RD C:\Users\mount\OneDrive
2017-06-05 21:18 - 2017-03-23 20:35 - 00000000 ____D C:\Users\mount\Desktop\7-ZipPortable
2017-06-05 19:13 - 2017-04-06 23:03 - 02807370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-05 19:13 - 2017-03-20 06:35 - 01316458 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-05 19:13 - 2017-03-20 06:35 - 00310218 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-05 19:09 - 2017-04-06 23:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-05 19:09 - 2017-03-18 13:40 - 02097152 _____ C:\WINDOWS\system32\config\BBI
2017-06-04 23:13 - 2016-12-18 21:54 - 00000000 ____D C:\WINDOWS\system32\KP DataCopy1
2017-06-04 23:13 - 2016-12-18 21:53 - 00000000 ____D C:\Program Files (x86)\KP DataCopy
2017-06-04 20:04 - 2016-12-18 23:20 - 00000000 ____D C:\Users\mount\AppData\Roaming\App Launcher Gadget
2017-06-04 16:44 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-04 00:08 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-04 00:08 - 2016-12-17 21:41 - 00000000 ____D C:\Users\mount\AppData\Local\Packages
2017-06-03 23:35 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-03 23:33 - 2017-04-06 22:57 - 00000000 ____D C:\Users\mount
2017-06-03 23:25 - 2016-12-17 23:33 - 00000000 ___RD C:\Users\mount\Dropbox
2017-06-03 22:34 - 2017-04-06 22:42 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-03 22:34 - 2016-12-17 23:29 - 00000000 ____D C:\Users\mount\AppData\Local\Dropbox
2017-06-03 20:52 - 2016-12-18 00:35 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-02 22:26 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-02 21:04 - 2017-05-02 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-02 20:55 - 2017-03-26 21:29 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-02 20:24 - 2016-12-18 22:09 - 00000000 ____D C:\Users\mount\Aktuelle Portable Programme
2017-06-02 00:36 - 2017-01-15 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-06-02 00:25 - 2017-01-29 22:05 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-06-01 21:08 - 2016-12-17 23:30 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-01 00:11 - 2017-03-26 21:29 - 00000000 ____D C:\Users\mount\AppData\Local\Google
2017-05-31 23:19 - 2016-12-19 21:52 - 00000000 ____D C:\Users\mount\AppData\Local\ElevatedDiagnostics
2017-05-31 21:31 - 2016-12-17 22:11 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-31 21:20 - 2017-03-21 23:25 - 00000000 ____D C:\Users\mount\AppData\Local\Abelssoft
2017-05-31 21:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\registration
2017-05-30 22:33 - 2015-07-10 13:04 - 00000370 _____ C:\WINDOWS\win.ini
2017-05-24 23:20 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ModemLogs
2017-05-24 23:20 - 2017-01-18 22:48 - 00000000 ____D C:\Users\mount\AppData\Local\CrashDumps
2017-05-23 22:47 - 2016-12-18 00:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-11 20:42 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-11 19:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-11 19:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 19:21 - 2017-04-06 22:56 - 00398296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 19:21 - 2016-12-17 21:41 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-09 22:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 22:00 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 22:00 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 22:00 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 20:49 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-07 19:37 - 2016-12-17 21:44 - 00000000 ____D C:\Users\mount\AppData\Local\Comms
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-12-18 23:11 - 2016-12-18 23:12 - 0007628 _____ () C:\Users\mount\AppData\Local\resmon.resmoncfg
Einige Dateien in TEMP:
====================
2017-06-05 19:01 - 2017-06-05 19:01 - 0883024 _____ (McAfee, Inc.) C:\Users\mount\AppData\Local\Temp\0230041496682111mcinst.exe
2017-06-05 19:19 - 2017-06-05 19:01 - 0883024 _____ (McAfee, Inc.) C:\Users\mount\AppData\Local\Temp\0264231496683158mcinst.exe
2014-09-24 00:42 - 2014-09-24 00:42 - 0013824 _____ () C:\Users\mount\AppData\Local\Temp\gkey.exe
2015-03-02 14:25 - 2015-03-02 14:25 - 0027648 _____ () C:\Users\mount\AppData\Local\Temp\pkeyui.exe
2015-03-01 19:09 - 2017-06-03 23:17 - 0048848 _____ () C:\Users\mount\AppData\Local\Temp\wabk.exe
2017-05-30 20:10 - 2017-05-30 20:10 - 1013848 _____ () C:\Users\mount\AppData\Local\Temp\XMBCUpdate.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-30 21:38
==================== Ende von FRST.txt ============================
|
Lesestoff:
FRST 32-Bit | FRST 64-Bit
SecurityCheck und: