Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-06-2016
durchgeführt von Henne (2017-08-23 14:37:11)
Gestartet von C:\Users\Henne\Desktop\FRST
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-21 16:05:32)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-286748799-151874876-589906257-500 - Administrator - Disabled)
Gast (S-1-5-21-286748799-151874876-589906257-501 - Limited - Disabled)
Henne (S-1-5-21-286748799-151874876-589906257-1000 - Administrator - Enabled) => C:\Users\Henne
HomeGroupUser$ (S-1-5-21-286748799-151874876-589906257-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Antivirus by F-Secure (Enabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20}
AS: Antivirus by F-Secure (Enabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
. . (Version: 7.1 - Intel) Hidden
. . . (x32 Version: 2.8.0.7 - Intel) Hidden
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.125 - Atheros)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.03034 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.4.03034 - Cisco Systems, Inc.) Hidden
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.5.0.1 - Swiss Academic Software)
Computer Security 14.176.101.0 (release) (x32 Version: 14.176.101.0 - F-Secure Corporation) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5009.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 33.4.23 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.65.1 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
F-Secure (HKLM-x32\...\F-Secure ServiceEnabler 666) (Version: 2.76.211.0 - F-Secure Corporation)
F-Secure (x32 Version: 2.76.211.0 - F-Secure Corporation) Hidden
F-Secure CCF Reputation (x32 Version: 2.1.1342.0 - F-Secure) Hidden
F-Secure CCF Scanning 1.73.275.1078 (release) (x32 Version: 1.73.275.1078 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.04.214 (x32 Version: 1.04.214 - F-Secure Corporation) Hidden
F-Secure SafeSearch 10.0.0.0 (release) (x32 Version: 10.0.0.0 - F-Secure Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
HP Dropbox Plugin (HKLM-x32\...\{45B18FC7-3ECE-4F2B-99A8-370886AB8238}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP Google Drive Plugin (HKLM-x32\...\{1502BB1F-7870-4DC9-9178-65CFE00D070C}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP OfficeJet 3830 series - Grundlegende Software für das Gerät (HKLM\...\{DCCF150E-E0CA-4C1E-BD81-207DB6BE2A86}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP OfficeJet 3830 series Hilfe (HKLM-x32\...\{99C52AB4-FBA3-4C12-9AC3-B19A3421EB96}) (Version: 35.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{b480f6cc-fa56-482b-b0a3-49d69a32db6d}) (Version: 2.8.0.7 - Intel)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
LibreOffice 5.3.4.2 (HKLM\...\{798CC630-3AA2-457E-B453-1EBBC3A4582F}) (Version: 5.3.4.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Gallery (HKLM\...\{0EB7792D-EFA2-42AB-9A22-F33D9458E974}) (Version: 2.1.0.13300 - Sony Corporation)
Mendeley Desktop 1.16.3 (HKLM-x32\...\Mendeley Desktop) (Version: 1.16.3 - Mendeley Ltd.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8201.2171 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-286748799-151874876-589906257-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8201.2171 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8201.2171 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8201.2171 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Online Safety 2.176.4626.2945 (x32 Version: 2.176.4626.2945 - F-Secure Corporation) Hidden
PASW Statistics 18 (HKLM-x32\...\{C25215FC-5900-48B0-B93C-8D3379027312}) (Version: 18.0.0 - SPSS Inc.)
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PYV_x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.1 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{E727B31A-8B24-4C1C-934A-69634E0D2C0B}) (Version: 3.0 - Qualcomm Atheros)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Remote Play with PlayStation(R)3 (x32 Version: 1.1.0.21090 - Sony Corporation) Hidden
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Studie zur Verbesserung von HP OfficeJet 3830 series (HKLM\...\{0BE77456-9F9E-41FA-8914-01940B20AEA8}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.1.0 - Synaptics Incorporated)
TrackID(TM) with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corportaion) Hidden
VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 (HKLM\...\{34EB42BE-F4D3-44C1-B28E-9740115DB72C}) (Version: 1.0.00.01300 - Sony Corporation)
VAIO - PlayMemories Home Plug-in (HKLM\...\{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}) (Version: 2.0.00.14200 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.21090 - Sony Corporation)
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - TrackID™ mit BRAVIA (HKLM-x32\...\{2F41EF61-A066-4EBF-84F8-21C1B317A780}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO Care (HKLM\...\{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}) (Version: 7.3.0.14170 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.2.1.15070 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.9.0.13190 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.9.0.13190 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 1.0.0.12300 - Sony Corporation)
VAIO Gesture Control (x32 Version: 1.0.0.12300 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.3.0.12280 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.11.1.15220 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.7.0.13130 - Sony Corporation)
VAIO Update Merge Module x64 (Version: 5.7.13130 - Sony Corporation) Hidden
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.3.0.12300 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.7.0.02231 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Microsoft) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-286748799-151874876-589906257-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Henne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-286748799-151874876-589906257-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Henne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0E0C6837-B141-472E-B864-0096FA53D595} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-09] (Adobe Systems Incorporated)
Task: {17DDB248-70C1-4E47-9894-9BD2126715DD} - System32\Tasks\{8C3E9FAD-1055-498A-97D7-360D78D8611B} => pcalua.exe -a C:\Users\Henne\Downloads\QpilotClient-UniMR-setup.exe -d C:\Users\Henne\Downloads
Task: {184D1C1F-A1AA-4613-9D04-8EDF907A7B25} - System32\Tasks\HPCustParticipation HP OfficeJet 3830 series => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPCustPartic.exe [2015-03-09] (Hewlett-Packard Development Company, LP)
Task: {24CF3A88-65E5-4B0B-ACD1-0D0CB00965EF} - System32\Tasks\{12E0464F-B7C4-4724-BF06-2C4668F36EF9} => pcalua.exe -a C:\Users\Henne\Downloads\QPilot-Setup.exe -d C:\Users\Henne\Downloads
Task: {2723E69A-3897-4B9D-BE5B-2182A1613972} - System32\Tasks\HP AR Program Upload - ced6d23826054b9fa13e45af68ade1b47a0aef0376834686b9023efdce686a98 => C:\Program Files\HP\HP OfficeJet 3830 series\bin\HPRewards.exe [2015-03-09] (Hewlett-Packard Development Company, LP)
Task: {2A395F1E-B37B-433B-A063-72937A6BD4E3} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {2DA8F6B0-44AF-4AF1-B74D-0751C2BFF896} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-14] (Microsoft Corporation)
Task: {30A6FBD6-25A2-4844-B3B5-85F0F395A653} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-14] (Microsoft Corporation)
Task: {330DD1C6-236E-4C60-8A9B-E2AC1782C861} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-06-09] (Dropbox, Inc.)
Task: {330EA90A-3230-45A2-A8D0-3B25119236CE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-16] ()
Task: {445B238C-26C9-44E9-88F7-053AD29925BF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-16] ()
Task: {45F9732C-9574-4594-B301-9E585F16D597} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {55DBE718-B4C9-4ABF-B31A-9F67881252D4} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {5B8DEA17-90F3-48DC-9D9C-BEFA20425E65} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {758AD595-3438-49FF-B99A-2D95265548FA} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-03-07] (Sony Corporation)
Task: {811A0F12-8E23-406A-AEA7-A7D5374F354A} - System32\Tasks\Sony Corporation\VAIO Care\AutoCheckMessage => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {90435D64-783B-4F03-B418-AFB69E216382} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-02-24] (Sony Corporation)
Task: {91F51BE0-0D9E-489B-9AE0-7F9E575390FA} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-12-27] (Sony Corporation)
Task: {9307C007-D553-4909-9643-99664EF9B0C5} - System32\Tasks\{15EB0613-DB6B-4E67-90D8-4F206FC378B4} => Firefox.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/eula
Task: {95C0C918-618A-446C-B3A6-7EC9C434C349} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2011-12-27] (Sony Corporation)
Task: {9DE6CA9C-F2F3-41C2-A3A6-17EF60B716B4} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2011-12-27] (Sony Corporation)
Task: {9FE56D4B-10AD-4C9E-94C7-F500671677F2} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {A338ED80-5604-43A8-9EFA-C2B50E38A69D} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {A495BE50-FB22-4C66-9C21-430F5A538D29} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-286748799-151874876-589906257-1000UA => C:\Users\Henne\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {AA4361A8-CF4C-43B8-9DD9-B98AEB66FC14} - System32\Tasks\Sony Corporation\VAIO Care\VAU => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {AC58C79E-77D9-4861-8397-534849CD4F92} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2011-12-27] (Sony Corporation)
Task: {B7E06A55-2270-498E-A798-743C25D000DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-02] (Microsoft Corporation)
Task: {BD69F661-EDDB-4AD2-BED6-92374E7B7F21} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {BE0FA819-DC37-4A4B-8F32-729E22F0E1D6} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {C4FF7510-6EB0-43B8-B3D8-A0F64484DA75} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-06-09] (Dropbox, Inc.)
Task: {C57D301F-F71D-444F-B8CE-B4B04C63DB10} - System32\Tasks\{F7538046-8795-4FB1-A18F-A7DE10E8EB50} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.10.0.116&LastError=12002
Task: {CBC57403-F7DF-4EB8-8749-9B668EB4F6CC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-02] (Microsoft Corporation)
Task: {CF49B320-3ABA-4FCB-A721-04D6520E8DF8} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-03-07] (Sony Corporation)
Task: {D078396B-375B-428A-85A3-A6B5FC9C0C65} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => net
Task: {F3AE38F8-81B3-4B82-84FC-836CF7E4B1DA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-14] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-22 13:09 - 2016-09-22 13:09 - 00031256 _____ () C:\Windows\System32\ssk4mlm.dll
2012-04-16 03:51 - 2012-03-13 18:01 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2011-11-30 18:49 - 2011-11-30 18:49 - 00321024 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00179712 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00054784 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00061440 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00037376 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 02229760 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00035840 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00055296 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00137728 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00134144 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00024064 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2011-11-30 18:49 - 2011-11-30 18:49 - 00276992 _____ () C:\Program Files\Sony\VAIO Care\READ\RecoveryPartitionManagerREAD.dll
2017-05-17 14:16 - 2017-05-17 14:16 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-05-31 13:07 - 2016-05-31 13:07 - 00254944 _____ () C:\Program Files (x86)\F-Secure\daas2.dll
2017-05-16 18:41 - 2017-05-16 18:41 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5339837cf67662c339fe25f3aa0ff69c\IsdiInterop.ni.dll
2012-04-16 03:52 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-10-29 22:50 - 2016-10-26 17:05 - 00074720 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2012-10-29 22:50 - 2016-12-15 17:08 - 00212008 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Spam Control\fsas.dll
2012-04-16 03:51 - 2012-03-13 18:02 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-286748799-151874876-589906257-1000\...\sharepoint.com -> hxxps://umuenster-files.sharepoint.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-06-04 20:24 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-286748799-151874876-589906257-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Henne\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 137.248.1.5 - 137.248.21.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{51D194CE-FA5B-4F12-B14B-F9C463ACEAE2}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{46E73BB7-BC86-4F41-8DD9-301DB77EE56D}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{292065B7-623C-4BFA-B2DF-0CF96ABAF236}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{09E7E676-2C42-41E5-8EB5-14477BFD7552}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{EDB18A87-BE36-4012-A077-ED30F3C70AD2}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{640BAA58-45CB-4373-B2BF-ADA3DA97C1BF}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
FirewallRules: [{77191840-EA39-479A-9DF3-B55713E46D93}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{7F0C7C59-729B-4917-86A4-8B4D5C7824C3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{51A92422-5AD3-4B4E-B4BD-74838294C6A0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{525B170F-B7BC-4886-A426-EB4CD4CC6B95}] => (Allow) LPort=2869
FirewallRules: [{4D34D186-A1A3-4219-8A9C-8973A1D15062}] => (Allow) LPort=1900
FirewallRules: [{78EEE599-2AB8-4190-94DD-9A09BE3260BE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{75137DE1-E44B-427C-B513-CB48C2FBFC1C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{E2BB3094-0344-4A95-935C-B2AEADB40E5D}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{0C87A21C-5D9D-404F-9060-860A8F7D8784}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{2CD77EDE-2252-4BBE-A0CB-6FEFAF4B9ED2}] => (Allow) C:\Program Files (x86)\SPSSInc\PASWStatistics18\WinWrapIDE.exe
FirewallRules: [{77FD8CC5-9DAB-47DE-8F18-0E625F1EF4BA}] => (Allow) C:\Program Files (x86)\SPSSInc\PASWStatistics18\paswstat.com
FirewallRules: [{FC6197E2-D792-4AA8-ABDC-5E2660B97814}] => (Allow) C:\Program Files (x86)\SPSSInc\PASWStatistics18\paswstat.exe
FirewallRules: [{8822C918-4C11-456B-AE92-2E78E0407C8E}] => (Allow) C:\Program Files (x86)\SPSSInc\PASWStatistics18\paswstat.com
FirewallRules: [{C3698369-B0DB-444E-9189-D4DF3FC42DD9}] => (Allow) C:\Program Files (x86)\SPSSInc\PASWStatistics18\paswstat.exe
FirewallRules: [{C95A520E-1C81-4277-923A-1FBAE0A9C045}] => (Allow) C:\Program Files (x86)\SPSSInc\PASWStatistics18\WinWrapIDE.exe
FirewallRules: [TCP Query User{E269C86C-2DE8-4510-B3DF-F506BB980165}C:\program files (x86)\spssinc\paswstatistics18\paswstat.exe] => (Allow) C:\program files (x86)\spssinc\paswstatistics18\paswstat.exe
FirewallRules: [UDP Query User{B6DC0F8B-FF32-43B8-9D7D-912C15A8F533}C:\program files (x86)\spssinc\paswstatistics18\paswstat.exe] => (Allow) C:\program files (x86)\spssinc\paswstatistics18\paswstat.exe
FirewallRules: [TCP Query User{06BB8861-2353-4326-B957-111866AB3E1B}C:\users\henne\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\henne\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7BE6D233-1029-48B9-95A7-5870A865EBF2}C:\users\henne\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\henne\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{835F505D-08B8-44DF-B23E-84B1EC934111}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CE7AEF4E-2743-4697-9129-4020B8F88A5B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{92E494B1-2E73-46CB-8EBE-73C95E0D27CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F6651108-A59B-49FF-9166-5050D8276A65}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4F47FFC2-D4DE-4E3F-9F9D-6367DFFC626B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2F4F394E-4881-4829-A8D6-BA308A00AA68}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{13C29763-3991-4997-8A45-686E10695ABD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{647FDC90-3DA5-4F9A-B3CD-884CEF247096}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{0C29DC5B-88B5-4387-9594-491F9FF59145}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{1DA25AF8-F59B-4731-AB16-DD0EB60EE370}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9E57B829-2507-4600-B789-30F47C5DAEC9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{725C9078-E7F6-4BBF-B18B-37F97E101931}] => (Allow) C:\Users\Henne\AppData\Local\Temp\7zS4A82\HP.EasyStart.exe
FirewallRules: [{826558D6-E812-4E24-A3D3-E53CCA478951}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxApplications.exe
FirewallRules: [{B9B83C88-4AFE-4468-AE41-A549CE0F7642}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\DigitalWizards.exe
FirewallRules: [{87A843AC-F578-488C-91EA-71A4FA1BAB8B}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\SendAFax.exe
FirewallRules: [{9F4F6695-8561-43D6-871E-CC9761E90C2A}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxPrinterUtility.exe
FirewallRules: [{DA01031D-2E66-408F-90E8-9C0DD1EA58CD}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\DeviceSetup.exe
FirewallRules: [{A4847E70-64FA-4046-A89C-85FE534C87A5}] => (Allow) LPort=5357
FirewallRules: [{134459B6-6BDC-44B7-A348-F13E13631A8D}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{CCCA2957-0AD4-41FA-A018-76F84D2D6DAF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{954FDFEB-BA88-472E-A115-1CC899F03B61}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{711EDBE1-C58D-46B3-A373-C98EBB810D26}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E54873F1-31A0-44E2-B5CF-2FD1A5E5066B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Wiederherstellungspunkte =========================
18-08-2017 13:14:14 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
18-08-2017 13:21:18 Revo Uninstaller's restore point - Adobe AIR
18-08-2017 13:22:23 Revo Uninstaller's restore point - Adobe AIR
18-08-2017 13:23:28 Revo Uninstaller's restore point - Yahoo Search Set
18-08-2017 13:24:31 Revo Uninstaller's restore point - WinRAR 4.20 (32-bit)
18-08-2017 13:25:38 Revo Uninstaller's restore point - DriverScanner
18-08-2017 13:26:53 Revo Uninstaller's restore point - chip 1-click download service
18-08-2017 13:27:15 chip 1-click download service wurde entfernt.
18-08-2017 13:29:06 Revo Uninstaller's restore point - Bing Bar
18-08-2017 13:33:50 Revo Uninstaller's restore point - Adobe Shockwave Player 12.2
18-08-2017 13:37:50 Revo Uninstaller's restore point - HP Photo Creations
18-08-2017 18:51:44 Windows Update
21-08-2017 23:43:23 JRT Pre-Junkware Removal
22-08-2017 23:53:31 Windows Update
23-08-2017 10:21:53 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/23/2017 10:21:00 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (08/23/2017 10:21:00 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (08/23/2017 10:20:50 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed
Error: (08/23/2017 10:20:03 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2
Error: (08/23/2017 10:18:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/23/2017 10:02:45 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed
Error: (08/23/2017 10:02:14 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2
Error: (08/23/2017 10:00:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DSATray.exe, Version: 2.8.0.7, Zeitstempel: 0x591df18d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23864, Zeitstempel: 0x595fa536
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0x47c
Startzeit der fehlerhaften Anwendung: 0xDSATray.exe0
Pfad der fehlerhaften Anwendung: DSATray.exe1
Pfad des fehlerhaften Moduls: DSATray.exe2
Berichtskennung: DSATray.exe3
Error: (08/23/2017 10:00:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/23/2017 10:00:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: DSATray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.IO.PipeException
Ausnahmeinformationen: System.ServiceModel.EndpointNotFoundException
Server stack trace:
bei System.ServiceModel.Channels.PipeConnectionInitiator.GetPipeName(Uri uri, IPipeTransportFactorySettings transportFactorySettings)
bei System.ServiceModel.Channels.NamedPipeConnectionPoolRegistry.NamedPipeConnectionPool.GetPoolKey(EndpointAddress address, Uri via)
bei System.ServiceModel.Channels.CommunicationPool`2.TakeConnection(EndpointAddress address, Uri via, TimeSpan timeout, TKey& key)
bei System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
bei System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
bei System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
bei System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
bei System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
bei IDsa.GetStringSetting(System.String)
bei DSATray.App.SetCulture()
bei DSATray.App.InitApplication()
bei DSATray.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1_0(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run(System.Windows.Window)
bei DSATray.App.Main()
Systemfehler:
=============
Error: (08/23/2017 01:50:33 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 137.248.147.2 mit dem Computer mit der
Netzwerkhardwareadresse 84-98-66-D2-59-C5 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Error: (08/23/2017 10:35:01 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (08/23/2017 10:35:01 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
Error: (08/23/2017 10:24:51 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.
Error: (08/23/2017 10:24:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "F-Secure Hoster" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/23/2017 10:24:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "F-Secure Hoster (Restricted)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/23/2017 10:24:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Energy Server Service queencreek" wurde mit folgendem Fehler beendet:
%%538
Error: (08/23/2017 10:22:47 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Energy Server Service queencreek" wurde nicht richtig gestartet.
Error: (08/23/2017 10:17:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/23/2017 10:17:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK erreicht.
CodeIntegrity:
===================================
Date: 2016-06-04 20:19:54.882
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2016-06-04 20:19:54.803
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 3996.36 MB
Verfügbarer physikalischer RAM: 1896.4 MB
Summe virtueller Speicher: 7990.9 MB
Verfügbarer virtueller Speicher: 4579.59 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:681.56 GB) (Free:586.91 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 2FAF413A)
Partition 1: (Not Active) - (Size=16.7 GB) - (Type=27)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=681.6 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-06-2016
durchgeführt von Henne (Administrator) auf HENNE-VAIO (23-08-2017 14:32:20)
Gestartet von C:\Users\Henne\Desktop\FRST
Geladene Profile: Henne (Verfügbare Profile: Henne)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Chip Digital GmbH) C:\Users\Henne\AppData\Local\Temp\DMR\dmr_72.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Oracle Corporation) C:\Users\Henne\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\08623e456b29f8f57b0917bb0a9ec928\jre-8u144-windows-x64.exe
(Oracle Corporation) C:\Users\Henne\AppData\Local\Temp\jds1149727.tmp\jre-8u144-windows-x64.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020576 2012-02-23] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-23] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-03-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-22] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-08-22] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1224704 2017-05-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [132856 2017-05-18] (Intel)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-286748799-151874876-589906257-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.18.0.dll [2017-08-22] (Dropbox, Inc.)
Startup: C:\Users\Henne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-01-17]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Henne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP OfficeJet 3830 series.lnk [2017-08-23]
ShortcutTarget: Tintenwarnungen überwachen - HP OfficeJet 3830 series.lnk -> C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 137.248.1.5 137.248.21.22 137.248.1.8
Tcpip\..\Interfaces\{0D713707-4BE8-4507-B0A6-25D517E0FCC4}: [DhcpNameServer] 137.248.1.5 137.248.21.22 137.248.1.8
Tcpip\..\Interfaces\{18F7C29F-1124-4A51-B5D1-625012668646}: [DhcpNameServer] 10.130.0.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-286748799-151874876-589906257-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-286748799-151874876-589906257-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-286748799-151874876-589906257-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKU\S-1-5-21-286748799-151874876-589906257-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-286748799-151874876-589906257-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-286748799-151874876-589906257-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-286748799-151874876-589906257-1000 -> {99F849CF-97A2-4C30-8D3F-754F16A1A5AF} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q212&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-286748799-151874876-589906257-1000 -> {DBF08620-A26E-4BAA-8F31-3A62C795A081} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-08-14] (Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2017-05-14] (F-Secure Corporation)
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120923220117.dll => Keine Datei
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-06-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-16] (Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2017-05-14] (F-Secure Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-27] (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120923220118.dll => Keine Datei
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-02-23] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-06-16] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-08-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-27] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-06-16] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-06-01] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Henne\AppData\Roaming\Mozilla\Firefox\Profiles\i626iex2.default-1441745255611
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-03-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-03-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-06-16] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-06-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: Browsing Protection by F-Secure - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2017-05-14]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2017-05-22]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-03] <==== ACHTUNG
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-02-23] (Atheros Commnucations) [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122824 2017-08-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-09] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-08-22] (Dropbox, Inc.)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [112256 2012-03-21] (Atheros Communication Inc.) [Datei ist nicht signiert]
R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [21240 2017-05-18] (Intel)
S2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [181216 2016-10-25] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [218080 2016-10-26] (F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [181216 2016-10-25] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [67640 2017-05-10] (F-Secure Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-03-13] (Intel Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [260768 2011-11-30] (Sony Corporation)
S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-02-23] (Atheros) [Datei ist nicht signiert]
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [421664 2012-02-23] (Atheros)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [230552 2017-06-28] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [106648 2017-06-28] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [73928 2016-07-06] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-02-28] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [120016 2017-05-14] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2014-06-24] ()
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [36128 2012-02-23] (Atheros)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-03-13] (Synaptics Incorporated)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2017-05-17] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 RSPCIESTOR; system32\DRIVERS\RtsPStor.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-08-23 10:42 - 2017-08-23 10:42 - 00346373 _____ C:\Users\Henne\Downloads\Tursich_et_al-2015-Acta_Psychiatrica_Scandinavica.pdf
2017-08-23 10:35 - 2017-08-23 10:35 - 00000000 ____D C:\Users\Henne\AppData\LocalLow\Oracle
2017-08-23 10:35 - 2017-08-23 10:35 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-08-23 10:32 - 2017-08-23 10:32 - 01526792 _____ C:\Users\Henne\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2017-08-23 10:10 - 2017-08-23 10:10 - 08185288 _____ (Malwarebytes) C:\Users\Henne\Downloads\adwcleaner_7.0.1.0(1).exe
2017-08-22 21:35 - 2017-08-22 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-08-22 18:55 - 2017-08-22 18:55 - 00049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-08-22 18:55 - 2017-08-22 18:55 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-08-22 18:55 - 2017-08-22 18:55 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-08-22 18:55 - 2017-08-22 18:55 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-08-21 23:49 - 2017-08-23 10:27 - 00000554 _____ C:\Users\Henne\Desktop\JRT.txt
2017-08-21 23:42 - 2017-08-21 23:42 - 01790024 _____ (Malwarebytes) C:\Users\Henne\Downloads\JRT.exe
2017-08-21 23:25 - 2017-08-23 10:14 - 00000000 ____D C:\AdwCleaner
2017-08-21 23:24 - 2017-08-21 23:24 - 08185288 _____ (Malwarebytes) C:\Users\Henne\Downloads\adwcleaner_7.0.1.0.exe
2017-08-21 22:31 - 2017-08-21 22:31 - 00021528 _____ C:\Users\Henne\Downloads\PB_Überweisung_KtoNr0592064207_21-08-2017_2225.pdf
2017-08-19 15:15 - 2017-08-19 15:15 - 00531864 _____ C:\Users\Henne\Downloads\appi.ajp.2007.07030504.pdf
2017-08-19 00:20 - 2017-08-19 09:38 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-08-19 00:19 - 2017-08-19 09:38 - 00000000 ____D C:\Users\Henne\Desktop\mbar
2017-08-19 00:18 - 2017-08-19 00:19 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Henne\Downloads\mbar-1.09.3.1001.exe
2017-08-18 13:12 - 2017-08-18 13:12 - 00001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-08-18 13:12 - 2017-08-18 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-08-18 13:12 - 2017-08-18 13:12 - 00000000 ____D C:\Program Files\VS Revo Group
2017-08-18 13:11 - 2017-08-18 13:11 - 07178424 _____ (VS Revo Group ) C:\Users\Henne\Downloads\revosetup_v2.0.3.exe
2017-08-17 21:40 - 2017-08-17 21:41 - 00070289 _____ C:\Users\Henne\Downloads\Addition.txt
2017-08-17 21:36 - 2017-08-23 14:32 - 00000000 ____D C:\FRST
2017-08-17 21:36 - 2017-08-17 21:41 - 00064090 _____ C:\Users\Henne\Downloads\FRST.txt
2017-08-17 21:35 - 2017-08-17 21:35 - 02395648 _____ (Farbar) C:\Users\Henne\Downloads\FRST64.exe
2017-08-12 13:26 - 2017-08-12 13:27 - 00820816 _____ C:\Users\Henne\Documents\Dänemark_Partneruniversität.pdf
2017-08-09 13:43 - 2017-07-29 16:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-08-09 13:43 - 2017-07-21 16:26 - 00518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-08-09 13:43 - 2017-07-21 16:26 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
2017-08-09 13:43 - 2017-07-21 16:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-08-09 13:43 - 2017-07-21 16:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-08-09 13:43 - 2017-07-15 20:35 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-08-09 13:43 - 2017-07-15 19:52 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2017-08-09 13:43 - 2017-07-14 17:29 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-08-09 13:43 - 2017-07-14 17:12 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-08-09 13:43 - 2017-07-14 17:12 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-08-09 13:43 - 2017-07-14 17:11 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-08-09 13:43 - 2017-07-14 17:10 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-08-09 13:43 - 2017-07-14 17:10 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-08-09 13:43 - 2017-07-14 17:10 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-08-09 13:43 - 2017-07-14 17:10 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-08-09 13:43 - 2017-07-14 17:10 - 00382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-08-09 13:43 - 2017-07-14 17:10 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-08-09 13:43 - 2017-07-14 17:10 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-08-09 13:43 - 2017-07-14 17:10 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-08-09 13:43 - 2017-07-14 17:10 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-08-09 13:43 - 2017-07-14 17:10 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-08-09 13:43 - 2017-07-14 17:00 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-08-09 13:43 - 2017-07-14 17:00 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-08-09 13:43 - 2017-07-14 16:59 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-08-09 13:43 - 2017-07-14 16:59 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-08-09 13:43 - 2017-07-14 16:57 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-08-09 13:43 - 2017-07-14 16:50 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-08-09 13:43 - 2017-07-14 16:50 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2017-08-09 13:43 - 2017-07-14 09:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-08-09 13:43 - 2017-07-14 09:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-08-09 13:43 - 2017-07-14 08:49 - 25733632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-08-09 13:43 - 2017-07-14 08:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-08-09 13:43 - 2017-07-14 08:45 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-08-09 13:43 - 2017-07-14 08:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-08-09 13:43 - 2017-07-14 08:44 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-08-09 13:43 - 2017-07-14 08:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-08-09 13:43 - 2017-07-14 08:38 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-08-09 13:43 - 2017-07-14 08:29 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-08-09 13:43 - 2017-07-14 08:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-08-09 13:43 - 2017-07-14 08:22 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-08-09 13:43 - 2017-07-14 08:20 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-08-09 13:43 - 2017-07-14 08:20 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-08-09 13:43 - 2017-07-14 08:19 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-08-09 13:43 - 2017-07-14 08:19 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-08-09 13:43 - 2017-07-14 08:08 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-08-09 13:43 - 2017-07-14 08:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-08-09 13:43 - 2017-07-14 07:49 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-08-09 13:43 - 2017-07-14 07:48 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-08-09 13:43 - 2017-07-14 07:47 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-08-09 13:43 - 2017-07-14 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-08-09 13:43 - 2017-07-14 07:40 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-08-09 13:43 - 2017-07-14 07:35 - 05981184 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-08-09 13:43 - 2017-07-14 07:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-08-09 13:43 - 2017-07-14 07:33 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-08-09 13:43 - 2017-07-14 07:16 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-08-09 13:43 - 2017-07-14 07:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-08-09 13:43 - 2017-07-14 07:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-08-09 13:43 - 2017-07-14 07:09 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-08-09 13:43 - 2017-07-14 07:09 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-08-09 13:43 - 2017-07-14 06:40 - 15254016 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-08-09 13:43 - 2017-07-14 06:23 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-08-09 13:43 - 2017-07-14 06:07 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-08-09 13:43 - 2017-07-14 05:58 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-08-09 13:43 - 2017-07-14 05:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-08-09 13:43 - 2017-07-14 04:54 - 20270080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-08-09 13:43 - 2017-07-14 04:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-08-09 13:43 - 2017-07-14 04:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-08-09 13:43 - 2017-07-14 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-08-09 13:43 - 2017-07-14 04:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-08-09 13:43 - 2017-07-14 04:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-08-09 13:43 - 2017-07-14 04:44 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-08-09 13:43 - 2017-07-14 04:42 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-08-09 13:43 - 2017-07-14 04:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-08-09 13:43 - 2017-07-14 04:39 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-08-09 13:43 - 2017-07-14 04:38 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-08-09 13:43 - 2017-07-14 04:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-08-09 13:43 - 2017-07-14 04:38 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-08-09 13:43 - 2017-07-14 04:30 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-08-09 13:43 - 2017-07-14 04:26 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-08-09 13:43 - 2017-07-14 04:25 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-08-09 13:43 - 2017-07-14 04:25 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-08-09 13:43 - 2017-07-14 04:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-08-09 13:43 - 2017-07-14 04:22 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-08-09 13:43 - 2017-07-14 04:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-08-09 13:43 - 2017-07-14 04:20 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-08-09 13:43 - 2017-07-14 04:17 - 04546048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-08-09 13:43 - 2017-07-14 04:13 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-08-09 13:43 - 2017-07-14 04:12 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-08-09 13:43 - 2017-07-14 04:11 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-08-09 13:43 - 2017-07-14 04:11 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-08-09 13:43 - 2017-07-14 04:09 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-08-09 13:43 - 2017-07-14 03:53 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-08-09 13:43 - 2017-07-14 03:50 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-08-09 13:43 - 2017-07-14 03:48 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-08-09 13:43 - 2017-07-08 17:34 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-08-09 13:43 - 2017-07-08 17:00 - 03224064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-08-09 13:43 - 2017-07-07 17:37 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-08-09 13:43 - 2017-07-07 17:33 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-08-09 13:43 - 2017-07-07 17:33 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-08-09 13:43 - 2017-07-07 17:33 - 00363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2017-08-09 13:43 - 2017-07-07 17:33 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-08-09 13:43 - 2017-07-07 17:33 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-08-09 13:43 - 2017-07-07 17:31 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:15 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-08-09 13:43 - 2017-07-07 17:15 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-08-09 13:43 - 2017-07-07 17:13 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-08-09 13:43 - 2017-07-07 17:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:10 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-08-09 13:43 - 2017-07-07 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-08-09 13:43 - 2017-07-07 17:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-08-09 13:43 - 2017-07-07 17:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-08-09 13:43 - 2017-07-07 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-08-09 13:43 - 2017-07-07 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-08-09 13:43 - 2017-07-07 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-08-09 13:43 - 2017-07-07 16:54 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-08-09 13:43 - 2017-07-07 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-08-09 13:43 - 2017-07-07 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-08-09 13:43 - 2017-07-07 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-08-09 13:43 - 2017-07-07 16:51 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-08-09 13:43 - 2017-07-07 16:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-08-09 13:43 - 2017-07-07 16:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-08-09 13:43 - 2017-07-07 16:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-08-09 13:43 - 2017-07-07 16:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-08-09 13:43 - 2017-07-07 16:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-08-09 13:43 - 2017-07-07 16:47 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 16:47 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 16:47 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-08-09 13:43 - 2017-07-07 16:47 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-08-09 13:43 - 2017-07-01 15:05 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2017-08-09 13:19 - 2017-08-09 13:29 - 05763072 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-08-06 11:23 - 2017-08-06 11:23 - 00000040 _____ C:\Windows\system32\﹠È
2017-07-27 11:53 - 2017-07-27 11:53 - 00000000 ____D C:\Users\Henne\AppData\Roaming\Yahoo
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-08-23 14:16 - 2017-06-09 15:11 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-08-23 10:43 - 2017-06-16 14:59 - 00000000 ___RD C:\Users\Henne\Dropbox (Psycho-Team)
2017-08-23 10:31 - 2009-07-14 06:45 - 00028576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-23 10:31 - 2009-07-14 06:45 - 00028576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-23 10:28 - 2016-11-21 19:00 - 00000000 ____D C:\Users\Henne\AppData\LocalLow\Mozilla
2017-08-23 10:25 - 2012-09-23 00:33 - 00000000 ____D C:\Users\Henne\AppData\Roaming\Skype
2017-08-23 10:16 - 2017-06-09 15:11 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-08-23 10:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-23 10:00 - 2012-09-21 20:20 - 00000000 ____D C:\Users\Henne\AppData\Local\CrashDumps
2017-08-22 23:58 - 2012-04-16 04:26 - 00700118 _____ C:\Windows\system32\perfh007.dat
2017-08-22 23:58 - 2012-04-16 04:26 - 00149968 _____ C:\Windows\system32\perfc007.dat
2017-08-22 23:58 - 2011-02-11 01:03 - 01596508 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-08-22 23:58 - 2009-07-14 07:13 - 01596508 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-22 23:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-08-22 21:35 - 2017-06-09 15:11 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-08-22 11:40 - 2013-11-06 23:07 - 00000000 ____D C:\Users\Henne\Documents\Bewerbung
2017-08-22 11:00 - 2017-05-22 13:09 - 00000000 ____D C:\Users\Henne\Documents\Citavi 5
2017-08-21 23:42 - 2012-04-16 04:36 - 00000000 ____D C:\ProgramData\Skype
2017-08-19 00:20 - 2016-06-01 21:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-19 00:19 - 2016-06-01 21:26 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-08-18 13:44 - 2015-05-26 17:58 - 00000000 ____D C:\Users\Henne\Documents\Frankreisch
2017-08-18 13:44 - 2013-06-05 13:16 - 00000000 ____D C:\Users\Henne\Documents\Bafög
2017-08-18 13:38 - 2016-09-16 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-08-18 13:22 - 2012-04-16 04:20 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-08-15 12:16 - 2012-04-16 04:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-08-14 18:47 - 2014-02-10 01:05 - 00000000 ____D C:\Users\Henne\Documents\was einfach gesagt werden muss
2017-08-14 10:25 - 2015-03-10 03:31 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-08-10 03:43 - 2009-07-14 06:45 - 00542312 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-10 03:16 - 2013-07-18 22:55 - 00000000 ____D C:\Windows\system32\MRT
2017-08-10 03:03 - 2013-04-25 14:55 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-09 13:29 - 2012-04-16 04:20 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-08-09 13:29 - 2012-04-16 04:20 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-09 13:29 - 2012-04-16 04:20 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-08-09 13:29 - 2012-04-16 04:20 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-09 13:29 - 2012-04-16 04:20 - 00000000 ____D C:\Windows\system32\Macromed
2017-08-02 23:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-07-28 15:45 - 2013-01-08 15:39 - 00000000 ____D C:\Users\Henne\Documents\uni
2017-07-27 11:50 - 2016-06-06 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-07-27 11:50 - 2016-06-06 15:43 - 00000000 ____D C:\Program Files (x86)\Java
2017-07-27 11:48 - 2016-06-06 15:44 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-11-24 00:47 - 2016-11-24 00:47 - 0001497 _____ () C:\Users\Henne\AppData\Local\recently-used.xbel
2016-09-16 21:57 - 2016-09-16 21:57 - 0000057 _____ () C:\ProgramData\Ament.ini
Einige Dateien in TEMP:
====================
C:\Users\Henne\AppData\Local\Temp\GUR8D1C.exe
C:\Users\Henne\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Henne\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Henne\AppData\Local\Temp\jre-8u121-windows-au.exe
C:\Users\Henne\AppData\Local\Temp\jre-8u131-windows-au.exe
C:\Users\Henne\AppData\Local\Temp\jre-8u141-windows-au.exe
C:\Users\Henne\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Henne\AppData\Local\Temp\{8473BCD7-F642-4859-B81E-3EA2BDB04DE3}-DropboxClient_16.4.29.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-08-22 12:30
==================== Ende von FRST.txt ============================
Hier die zwei Codes. |
FRST 32-Bit | FRST 64-Bit
Lesestoff:
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
dann auf 
und dann auf 
. 