| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Online-Banking-Account gesperrt - Verdacht auf TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.09.2015, 20:53
| #1 | |
 |  Online-Banking-Account gesperrt - Verdacht auf Trojaner Hallo, bin hier neu, und melde mich (wie sollte es anders sein) mit einem Problem: Ich erhielt einen Anruf von meinem Bankberater, daß er meinen Online-Banking-Zugang sperren bzw. sogar löschen muß, da er informiert wurde, daß der Verdacht auf einen Trojaner auf meinem PC besteht. Ist mir zwar unklar, wie die darauf kommen, da ich ja bei einem unbefugten Überweisungsversuch eine mobileTAN als SMS auf mein Handy bekommen würde. Auslöser war wohl angeblich eine Überweisung meinerseits an kraken.com (Bitcoin, kennt sicher der eine oder andere). Die Überweisung funktionierte nicht, ich machte mehrere Versuche mit verschiedenen Beträge, leider erfolglos. Erst ein Telefonat mit der Hotline meines Online-Banking-Anbieters konnte hier Abhilfe schaffen, scheinbar hatten die einen Fehler in ihrem System (ein Monat zuvor bereits klappte aber eine derartige Überweisung problemlos). So, und nun schickt mir mein Berater neue Zugangsdaten für mein Konto, ich soll aber unbedingt meinen PC bereinigen bzw. neu aufsetzen (ersteres wäre mir natürlich lieber). Und die neuen Zugangsdaten erst danach auf diesem PC verwenden, bis dahin kann ich Tablet oder Handy verwenden. Ich habe als erste Maßnahme mal Avira mit den (meiner Meinung nach) höchsten Einstellungen suchen lassen, dauerte etwa fünfeinhalb Stunden, dabei wurde einiges entdeckt, was ich dann in Quarantäne verschoben habe. Ob da allerdings wirklich gefährliches dabei war, kann ich nicht beurteilen. Anbei der Report des Avira-Scans Zitat:
__________________ ___________ MfG Gustavo |
|
04.09.2015, 21:41
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Online-Banking-Account gesperrt - Verdacht auf Trojaner Du hast da aber einiges an Schund drin!
__________________ Neben den ganzen riskanten Müll für Smartphones zB sowas hier: Zitat:
  Lesestoff:Illegale Software: Cracks, Keygens und Co Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ |
|
04.09.2015, 21:56
| #3 |
| | Online-Banking-Account gesperrt - Verdacht auf Trojaner Ist ja schon ewig her, wußte ich schon gar nicht mehr... wer verwendet noch Nokia... schon gelöscht.
__________________Ist da jetzt wirklich was ernstes dabei gewesen? Was kann/soll ich noch tun? Edit: Nachtrag - hatte die Total IR Remote damals dann schon wirklich gekauft, wollte damals nur vorher probieren. Lege schon wert auf legale Software. Nur so am Rande...
__________________ |
|
04.09.2015, 21:59
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Online-Banking-Account gesperrt - Verdacht auf Trojaner Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
04.09.2015, 22:16
| #5 |
| | Online-Banking-Account gesperrt - Verdacht auf Trojaner Nein, keine weiteren Logs. Habe nach Viren- bzw. Trojaner-Scannern gegoogelt, da gibt's so viel, daß ich nicht wußte, was ich noch nehmen sollte. Wollte auch nicht noch unnötiges installieren, denn bei der Suche bin ich auch auf dieses Forum gestossen, und das sieht hier sehr vielversprechend aus, nach dem was ich hier bisher gelesen habe. Anbei die gewünschten Logs: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
durchgeführt von HP (Administrator) auf HP-HEIMPC (04-09-2015 23:03:35)
Gestartet von C:\Users\HP\Desktop
Geladene Profile: HP (Verfügbare Profile: HP)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mirko Böer) C:\Program Files (x86)\SSS\SimpleScreenshot.exe
(HP) C:\Program Files (x86)\Hewlett-Packard\HP My Display\OSDManager.exe
(HP) C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTune.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTHelper.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTHelper64.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.17994_x64__8wekyb3d8bbwe\glcnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-18] (IDT, Inc.)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2068992 2011-12-14] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [OSDTool] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe [2101248 2012-06-13] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SimpleScreenshot] => C:\Program Files (x86)\SSS\SimpleScreenshot.exe [2255360 2013-08-05] (Mirko Böer)
HKLM-x32\...\Run: [DT_HPO] => C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTuneStartup.exe [142112 2015-07-10] (HP)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\RunOnce: [NSIS.Library.RegTool.v3] => C:\Program Files (x86)\ownCloud\shellext\NSIS.Library.RegTool.v3.{06722068-6C86-48F5-A7AC-43CDE292B232}.exe [6656 2015-08-06] ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1748494 2015-09-01] ()
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\tray.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2012-11-29]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-04-26]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Verbindungsmanager.lnk [2015-03-17]
ShortcutTarget: Verbindungsmanager.lnk -> C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe ()
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\..\Interfaces\{9252B9FC-E758-4989-AE58-FD68BF89DF41}: [DhcpNameServer] 195.128.104.1 195.128.104.2
Tcpip\..\Interfaces\{A4348365-5EAE-4227-BBCA-DD8A06096FEF}: [NameServer] 195.128.104.1,195.128.104.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/13
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/13
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/13
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM -> {9C70A3B1-A0D5-488A-A0A2-C7EE9EC1E738} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-29880-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 -> {9C70A3B1-A0D5-488A-A0A2-C7EE9EC1E738} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-29880-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2318628955-210851437-4052573652-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-2318628955-210851437-4052573652-1001 -> {9C70A3B1-A0D5-488A-A0A2-C7EE9EC1E738} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2318628955-210851437-4052573652-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-2318628955-210851437-4052573652-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-29880-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-04] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll Keine Datei
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-2318628955-210851437-4052573652-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-05]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "hxxp://www.google.at/"
CHR DefaultSearchURL: Default -> "url":"{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}"
CHR DefaultSearchKeyword: Default -> google.at___
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-07]
CHR Extension: (Google Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-07]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-07]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-07]
CHR Extension: (Classic Games) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpckajjkmjncafjlkielcgheibdlnfgc [2015-08-07]
CHR Extension: (Adblock Plus) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-07]
CHR Extension: (Google Search) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-07]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-08-07]
CHR Extension: (Google Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-07]
CHR Extension: (Avira Browser Safety) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-08-07]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Custom new tab) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkijekempmdlleaimfelifcejbkmcd [2015-08-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-07]
CHR Extension: (Google Maps) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-08-07]
CHR Extension: (Messenger (Unofficial)) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdapmeleikeppmfgadilffngabfpibok [2015-08-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-07]
CHR Extension: (Better History) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2015-08-07]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-07]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2012-10-18] (Andrea Electronics Corporation) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AVerRemote; c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [364544 2012-08-08] (AVerMedia) [Datei ist nicht signiert]
R2 AVerScheduleService; c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2012-08-08] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [227592 2015-08-03] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-09-27] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-27] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-27] (CyberLink)
R2 DTuneSrvc; C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe [122656 2015-06-09] (Portrait Displays, Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [754120 2015-07-29] (Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Users\HP\AppData\Local\Temp\7zS5E4C\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-10-18] (IDT, Inc.) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [196096 2012-07-11] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 hpnuhst; C:\Windows\System32\drivers\hpnuhst.sys [16384 2007-03-27] (Hewlett-Packard Development Company)
R3 HPNUHUB; C:\Windows\System32\drivers\hpnuhub.sys [40448 2007-10-30] (Hewlett-Packard Development Company)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-04 23:03 - 2015-09-04 23:04 - 00035012 _____ C:\Users\HP\Desktop\FRST.txt
2015-09-04 23:03 - 2015-09-04 23:03 - 00000000 ____D C:\FRST
2015-09-04 23:02 - 2015-09-04 23:02 - 02188800 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2015-09-04 21:47 - 2015-09-04 21:47 - 00010070 _____ C:\Users\HP\Desktop\Ereignisse.txt
2015-09-04 20:59 - 2015-09-04 20:58 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-04 20:58 - 2015-09-04 20:59 - 00000000 ____D C:\Users\HP\.oracle_jre_usage
2015-09-04 20:58 - 2015-09-04 20:58 - 00000000 ____D C:\Users\HP\AppData\Roaming\Sun
2015-08-22 21:48 - 2015-08-22 21:48 - 00000856 _____ C:\Users\HP\AppData\Local\recently-used.xbel
2015-08-22 18:24 - 2015-08-22 18:24 - 00005556 _____ C:\Users\HP\Downloads\SystemInfo.txt
2015-08-22 16:19 - 2015-08-22 16:20 - 11660480 _____ (Portrait Displays, Inc.) C:\Users\HP\Downloads\MyDisplay_TouchSmartEdition.exe
2015-08-20 19:08 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-20 19:08 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-16 19:45 - 2015-08-17 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer Demo
2015-08-16 19:45 - 2015-08-17 19:52 - 00000000 ____D C:\ProgramData\CMUV
2015-08-16 19:44 - 2015-08-16 19:45 - 05780416 _____ (CM&V ) C:\Users\HP\Downloads\DVBViewer_setup_demo.exe
2015-08-16 19:43 - 2015-08-16 19:43 - 00304783 _____ C:\Users\HP\Downloads\compatibility.zip
2015-08-16 18:32 - 2015-08-16 18:32 - 00001209 _____ C:\Users\HP\Desktop\Bitfinex Erträge.xlsx - Verknüpfung.lnk
2015-08-15 19:56 - 2015-08-15 19:56 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
2015-08-15 19:52 - 2015-08-15 19:52 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\HP\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
2015-08-12 09:56 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:56 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:18 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 09:18 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 09:18 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 09:18 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 09:18 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 09:18 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 09:18 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 09:18 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 09:18 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 09:18 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 09:18 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 09:18 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 09:18 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 09:17 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 09:17 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 09:17 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 09:17 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 09:17 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 09:17 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 09:17 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 09:17 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 09:17 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 09:17 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 09:17 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 09:17 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 09:17 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 09:17 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 09:17 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 09:17 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 09:17 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 09:17 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 09:17 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 09:17 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 09:17 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 09:17 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 09:17 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 09:17 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 09:17 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 09:17 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 09:17 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 09:17 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 09:17 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 09:16 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 09:16 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 09:16 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 09:16 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 09:16 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 09:16 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 09:16 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 09:16 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 09:16 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 09:16 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 09:16 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 09:16 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 09:16 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 09:16 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 09:16 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 09:16 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 09:15 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 09:15 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 09:15 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 09:15 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 09:15 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 09:15 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 09:15 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 09:15 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 09:15 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 09:15 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 09:15 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 09:15 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 09:15 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 09:15 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 09:15 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 09:15 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 09:15 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 09:15 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 09:15 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 09:15 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 09:15 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 09:15 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 09:15 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 09:15 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 09:15 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 09:15 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 09:15 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-07 12:48 - 2015-08-07 13:56 - 00015155 _____ C:\Users\HP\Desktop\Microsoft Excel Worksheet (neu).xlsx
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-04 23:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-04 22:59 - 2014-09-13 17:52 - 00003612 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2318628955-210851437-4052573652-1001
2015-09-04 22:35 - 2013-04-24 00:15 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-04 22:21 - 2013-04-23 23:52 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2318628955-210851437-4052573652-1001
2015-09-04 21:01 - 2013-10-26 09:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\ClassicShell
2015-09-04 20:59 - 2014-07-20 08:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-04 20:59 - 2014-01-19 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-04 20:59 - 2013-12-01 18:30 - 00000000 ____D C:\ProgramData\Oracle
2015-09-04 20:58 - 2014-07-20 08:58 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-09-04 20:58 - 2014-07-20 08:58 - 00000000 ____D C:\Program Files\Java
2015-09-04 20:58 - 2013-10-19 10:58 - 00000000 ____D C:\Users\HP
2015-09-04 20:44 - 2013-10-19 10:54 - 01736993 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-04 19:25 - 2013-10-19 15:23 - 00000000 ___RD C:\Users\HP\SkyDrive
2015-09-04 18:40 - 2013-11-03 17:17 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D1EB6A0B-8DA7-4261-9888-0A714FEEEAE0}
2015-09-04 18:39 - 2014-12-25 21:11 - 00000000 ____D C:\Users\HP\ownCloud
2015-09-04 18:38 - 2015-07-03 19:18 - 00001021 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-09-04 18:38 - 2014-12-25 20:52 - 00001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-09-04 18:38 - 2014-12-25 20:52 - 00000000 ____D C:\Users\HP\AppData\Local\ownCloud
2015-09-04 18:38 - 2014-12-25 20:51 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-09-04 18:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-04 18:37 - 2013-08-22 16:46 - 00465087 _____ C:\WINDOWS\setupact.log
2015-09-04 18:37 - 2013-04-24 00:15 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-02 19:21 - 2014-08-14 19:21 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-02 19:21 - 2013-04-26 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-02 19:19 - 2013-09-29 21:04 - 00260652 _____ C:\WINDOWS\PFRO.log
2015-09-02 19:19 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-02 19:19 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-02 03:33 - 2013-09-30 06:14 - 01980934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-02 03:33 - 2013-09-30 05:56 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-02 03:33 - 2013-09-30 05:56 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-30 20:58 - 2013-04-25 00:28 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-08-30 16:31 - 2014-02-12 20:36 - 00000000 ____D C:\Users\HP\AppData\Roaming\vlc
2015-08-30 04:30 - 2013-04-24 00:15 - 00004110 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 04:30 - 2013-04-24 00:15 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 21:05 - 2013-08-23 21:43 - 00000000 ____D C:\Users\HP\Desktop\Tattoo HP
2015-08-25 06:17 - 2014-08-11 16:37 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-23 18:16 - 2013-04-24 23:12 - 00000000 ____D C:\Users\HP\AppData\Roaming\Spotify
2015-08-23 18:07 - 2013-04-24 23:13 - 00000000 ____D C:\Users\HP\AppData\Local\Spotify
2015-08-22 22:08 - 2013-05-19 14:18 - 00000000 ____D C:\Users\HP\.gimp-2.8
2015-08-22 16:21 - 2012-11-29 17:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-08-22 16:20 - 2015-04-26 20:00 - 00000000 ____D C:\ProgramData\Downloaded Installations
2015-08-21 15:41 - 2013-04-25 00:41 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForHP.job
2015-08-20 19:31 - 2013-04-25 00:41 - 00003148 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForHP
2015-08-20 19:31 - 2013-04-24 19:40 - 00000000 ____D C:\Users\HP\AppData\Local\Hewlett-Packard
2015-08-20 19:31 - 2012-11-29 17:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-08-20 19:31 - 2012-11-29 17:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-08-20 19:09 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-20 18:28 - 2014-08-11 17:00 - 00003092 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2318628955-210851437-4052573652-1001
2015-08-20 18:28 - 2014-08-11 17:00 - 00000000 ___RD C:\Users\HP\OneDrive
2015-08-15 19:56 - 2012-11-29 17:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-15 19:56 - 2012-11-29 17:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-15 19:56 - 2012-11-29 17:12 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-12 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-12 18:21 - 2013-08-22 16:44 - 00510824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-12 18:20 - 2015-03-14 20:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 18:20 - 2015-03-14 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 09:57 - 2013-04-25 06:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 09:56 - 2015-03-14 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 09:53 - 2013-08-20 19:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 09:44 - 2013-04-24 23:55 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 09:43 - 2014-12-10 07:31 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 09:43 - 2014-07-09 05:45 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 09:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 09:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 09:33 - 2015-01-21 07:34 - 00005334 _____ C:\Users\HP\Desktop\Vergleichsliste Codierungen mit und ohne RDK.txt
2015-08-10 09:10 - 2013-04-23 23:43 - 00000000 ____D C:\Users\HP\AppData\Local\Packages
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-04-24 21:46 - 2013-05-30 20:39 - 0023040 _____ () C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-22 21:48 - 2015-08-22 21:48 - 0000856 _____ () C:\Users\HP\AppData\Local\recently-used.xbel
2013-07-07 21:06 - 2014-12-27 20:10 - 0007613 _____ () C:\Users\HP\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\HP\AppData\Local\Temp\avgnt.exe
C:\Users\HP\AppData\Local\Temp\jre-8u60-windows-au.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-02 19:42
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-09-2015
durchgeführt von HP (2015-09-04 23:04:29)
Gestartet von C:\Users\HP\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2318628955-210851437-4052573652-500 - Administrator - Disabled)
Gast (S-1-5-21-2318628955-210851437-4052573652-501 - Limited - Disabled)
HP (S-1-5-21-2318628955-210851437-4052573652-1001 - Administrator - Enabled) => C:\Users\HP
UpdatusUser (S-1-5-21-2318628955-210851437-4052573652-1004 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AVerMedia TV Player (HKLM-x32\...\InstallShield_{DFD1F64D-2AF0-4CE2-9752-D701E80F8D1C}) (Version: 1.8.1 - AVerMedia Technologies, Inc.)
AVerMedia TV Player (x32 Version: 1.8.1 - AVerMedia Technologies, Inc.) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{b76c0d12-422c-44e3-9daa-9363451e24cd}) (Version: 1.1.44.15481 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.44.15481 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.4919 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Elevated Installer (x32 Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Equalify v2.5.3 (Stable) (HKLM-x32\...\{33EC4F70-9F4B-406F-BB2A-F75A285E927D}) (Version: 2.5.3.0 - Equalify)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{42f02a91-da9c-48e1-8dc5-37f4449db969}) (Version: 4.1.5.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\HPConnectedMusic) (Version: 1.1 (build 37) hp - Meridian Audio Ltd)
HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.7 - Hewlett-Packard)
HP My Display (HKLM-x32\...\{448286F7-9BCC-4254-A6DC-CB40DC852F55}) (Version: 2.10.25 - Portrait Displays, Inc.)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Wireless Printer Adapter (HKLM-x32\...\{991C5595-5151-4D70-B6CC-90633AC69076}) (Version: 1.00.2000 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft PhotoDraw 2000 V2 (HKLM-x32\...\{3C5EA394-1033-11D2-A2CB-00C04F72F31D}) (Version: 2.00.00.0820 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.1 - Notepad++ Team)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.1.5446 - ownCloud)
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Plus500 (HKLM-x32\...\Plus500) (Version: - )
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
RawPacketDriver (HKLM\...\{7E5BEF96-0293-442B-B344-62902D302522}) (Version: 5.5.1805 - PCAUSA)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
SDK (x32 Version: 2.28.007 - Portrait Displays, Inc.) Hidden
SimpleScreenshot 1.40 (HKLM-x32\...\SimpleScreenshot) (Version: - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.2700 - Broadcom Corporation)
Win8 x64Components v1.5.7 (HKLM\...\Win8 x64Components_is1) (Version: 1.5.7 - Shark007)
win8codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.5.7 - Shark007)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
03-09-2015 21:18:56 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {14815C6B-E137-4921-89AF-F232DEC0DC73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {258E9C9A-FE3A-4257-9315-81B2FB3ADFDF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {3272F590-AFF8-48F3-8985-963446BC7A57} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {3367926E-2795-4A83-96B6-F7056F2986EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {36141812-382C-4E52-B002-AB37C35D2C5F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {3615CB25-48D8-4832-BAF1-882C1512B49E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {388DDA9B-77CE-421B-A8EF-26813F43540B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {5C1926F3-AD0A-4902-9B0F-F553053035E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {66D81E38-AA40-43E6-B92F-FDB6A3154901} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {69CC6E44-9878-4012-A9F5-293A9D847677} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2318628955-210851437-4052573652-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {8CB87094-6241-46D6-AFE8-FB3193A1091F} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2318628955-210851437-4052573652-1001
Task: {94E55260-27D5-4DD3-9E9F-7703D04095C0} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {A2ECA964-42EB-4523-AC80-C865C38C4053} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {A89755F1-53A5-46EF-98B2-228C2C9F7417} - System32\Tasks\HPCeeScheduleForHP => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {D5610288-FC83-4A98-9839-20565EF5B572} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation)
Task: {E96886D5-B873-43BC-958B-69C03D0A3D2B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-07-29] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForHP.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-11-29 17:23 - 2012-08-08 21:48 - 00397312 _____ () c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2012-09-28 00:52 - 2012-09-28 00:52 - 00047480 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\BtwLeAPI.dll
2014-08-11 16:37 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-06-19 03:31 - 2015-06-19 03:31 - 00059392 ____N () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2012-11-29 17:23 - 2012-08-08 21:47 - 00163840 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe
2015-03-17 21:29 - 2008-05-16 19:33 - 01998848 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe
2015-03-17 21:29 - 2008-01-15 02:09 - 00385536 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\scLanUtil.dll
2015-03-17 21:29 - 2007-10-11 04:50 - 00091136 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\scUsb.dll
2015-03-17 21:29 - 2008-01-08 03:29 - 00308736 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\scComm.dll
2015-03-17 21:29 - 2008-01-07 23:27 - 00302080 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\scUtil.dll
2012-11-29 17:20 - 2010-05-13 18:34 - 00674928 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2015-09-01 16:41 - 2015-09-01 16:41 - 01748494 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2015-09-03 21:36 - 2015-08-28 03:56 - 01868104 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-03 21:36 - 2015-08-28 03:56 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-03 21:36 - 2015-08-28 03:56 - 28659016 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
2012-11-29 17:23 - 2012-08-08 21:48 - 00053248 _____ () c:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2015-04-26 19:49 - 2013-08-08 13:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-11-29 17:24 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-11-29 17:24 - 2009-02-19 19:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.DLL
2012-01-17 15:21 - 2012-01-17 15:21 - 00068104 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display\PEGAACPIDLL.dll
2015-07-10 14:38 - 2015-07-10 14:38 - 00061216 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display\VistaAPI.dll
2015-09-01 16:41 - 2015-09-01 16:41 - 00670222 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-09-01 16:41 - 2015-09-01 16:41 - 00971278 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-08-06 09:59 - 2015-08-06 09:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 09:59 - 2015-08-06 09:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-08-06 17:48 - 2015-08-06 17:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-08-06 09:10 - 2015-08-06 09:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 09:21 - 2015-08-06 09:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 09:21 - 2015-08-06 09:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 09:11 - 2015-08-06 09:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 09:16 - 2015-08-06 09:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 09:14 - 2015-08-06 09:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 09:21 - 2015-08-06 09:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 09:16 - 2015-08-06 09:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 09:14 - 2015-08-06 09:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 09:17 - 2015-08-06 09:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 11:35 - 2015-08-06 11:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 09:26 - 2015-08-06 09:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2015-08-06 11:38 - 2015-08-06 11:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2014-11-18 07:33 - 2014-11-18 07:33 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\HP\SkyDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hape logo1whiteonblack1920x1200.jpg
DNS Servers: 195.128.104.1 - 195.128.104.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F2A077C3-C01D-43AB-98A7-0E934CB9E210}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{AF49A352-060B-4835-A1DE-EFFC4A7EC23C}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{EAB9A753-3A79-4131-A590-7E0D68D259FF}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [UDP Query User{C5EF15CC-2CEB-4C09-8058-AC6508565F6D}C:\users\hp\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\hp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{14F7EF8B-2A96-48DE-B8DA-4E1AB749EFAD}C:\users\hp\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\hp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F9932368-7AC7-43DB-9925-49F2678A3967}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D848F0A1-A424-4D39-A76B-DD9BD63E4105}] => (Allow) C:\Program Files (x86)\HP Wireless Printer Adapter\SelectPrinter.exe
FirewallRules: [{52B4EB8E-F0B5-409D-BB20-43266AF38539}] => (Allow) C:\Program Files (x86)\HP Wireless Printer Adapter\SelectPrinter.exe
FirewallRules: [{DB34C018-66C0-4165-8A01-72E363FEC406}] => (Allow) C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe
FirewallRules: [{E80DCCCF-9B32-45BC-A7B8-D06C50BF9BBC}] => (Allow) C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe
FirewallRules: [UDP Query User{7D1DD385-66CC-4AE9-A178-5C71B0FE8945}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{46674A93-C7AF-4474-B0FE-283404E57E22}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EE890BD7-79D0-4DFA-8C73-D5017C0BBD89}] => (Allow) C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F7029E8E-C2F1-4CE7-8A38-F1C2A7454A78}] => (Allow) C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7FE08982-D068-4E60-B1C8-B27F4A3DA3BD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{0B254ED4-AA7F-41A0-88B5-52609CDE3D76}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7EA8D7FE-D1BA-4EC5-8C9E-8E1BE7CD7F0D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C27A53D1-F012-42AC-B1A7-D28FEB9EB292}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{21BE7075-5E05-4FD3-816A-16DB5FE64797}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91957AA5-8825-4F6C-B78C-39BA422E4A9D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52D0D80C-225F-4F6B-B46D-201A4F58EE2C}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS5E4C\hppiw.exe
FirewallRules: [{230F4E08-FE60-4BBC-A68C-A2026ED70ED7}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS5E4C\hppiw.exe
FirewallRules: [TCP Query User{2FA71948-36D9-49ED-B5D7-AEF580AE435A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFAB5F0E-A115-488E-98FF-AE9FFC2AA66A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{BE5EA581-425F-4A47-A885-17081BB25A4F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2CDD56B2-20E9-43BB-B70A-7D79D6926548}] => (Allow) LPort=2869
FirewallRules: [{C13EE6B2-D72E-400E-BE67-33E514890405}] => (Allow) LPort=1900
FirewallRules: [{B90B1DFA-BF84-4AC8-B628-10E3A23F08DA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{42766030-DDDF-4DC9-B3A6-FAD28A0742AA}] => (Allow) C:\Users\HP\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{7EDCF017-60F0-4F45-B0C3-B7ECF4A1B360}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BDA1230B-EF5C-4426-B819-9DC0796C5D6E}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{334B9BFB-731C-4D79-85A7-47B031599DF2}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS95CF.tmp\SetupWizard.exe
FirewallRules: [{1DE2B444-9B83-4C38-BC3A-19BAB3FBE3C4}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS95CF.tmp\SetupWizard.exe
FirewallRules: [{9F3F1AE1-D213-45A6-9EC3-7B5ED014F4EE}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS2A59.tmp\SetupWizard.exe
FirewallRules: [{3BF34613-1250-444D-BB1B-7458B5BC99CA}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS2A59.tmp\SetupWizard.exe
FirewallRules: [{9561A5B2-23EE-4DD6-8BE8-5773B94E1CEB}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zSE041.tmp\SetupWizard.exe
FirewallRules: [{84E6738C-E093-466F-B413-5A806E28D1C3}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zSE041.tmp\SetupWizard.exe
FirewallRules: [{60ACA6D4-B942-441C-8572-945B48A39BE3}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zSF1E3.tmp\SetupWizard.exe
FirewallRules: [{170B9C05-8B03-4BFC-B8FC-6E65F8B3AB6A}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zSF1E3.tmp\SetupWizard.exe
FirewallRules: [{FF90B302-12BC-4F0D-B1B7-98815E2E03FE}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS6E37.tmp\SetupWizard.exe
FirewallRules: [{188BFF55-D57F-4D0C-80D0-FB394F6D8EE0}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS6E37.tmp\SetupWizard.exe
FirewallRules: [{353D178B-2BE5-4637-96F1-A0B86CF5598C}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS425.tmp\SetupWizard.exe
FirewallRules: [{AA2F9531-71AE-4B08-8B65-8451B2E6C7DF}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS425.tmp\SetupWizard.exe
FirewallRules: [{9F04419E-3662-4482-9D96-401DE2ED43B8}] => (Allow) C:\Users\HP\Downloads\COL22470\SetupWizard.exe
FirewallRules: [{0C39E98A-F214-463C-BB0F-BCC2C25B37D6}] => (Allow) C:\Users\HP\Downloads\COL22470\SetupWizard.exe
FirewallRules: [{713A66C9-A4B9-4835-A67E-6B74012891ED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{946B5A52-18E8-4049-A722-E3B77BF9C3F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{795C5AE1-EE02-42B8-BDB6-0A0F857A6BE3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{2F090F23-579E-492A-B695-9C481AC1F9AD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{495FE933-E072-46B1-BD7E-14780B6D8FBE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{4B7B7432-4C40-4ABE-86DA-097BE88586D5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{264BE165-8B45-481E-A0B0-A21F8C935545}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS5E61\hppiw.exe
FirewallRules: [{14492D27-34A6-47A7-859A-973AD33B3F76}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS5E61\hppiw.exe
FirewallRules: [TCP Query User{A1BCF2F1-A9A0-4D0D-9EEF-D8DC96AB5993}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{75DC0352-111F-444F-BBD7-FD0BDAA2DE8C}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [{C8D3E39A-C227-487E-ACEA-AB6F8896B16D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{7001398A-582D-4B71-9D7C-0FEF8E186A66}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/04/2015 07:34:01 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (09/03/2015 10:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3656
Error: (09/03/2015 10:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3656
Error: (09/03/2015 10:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/03/2015 10:42:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2438
Error: (09/03/2015 10:42:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2438
Error: (09/03/2015 10:42:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/03/2015 10:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141
Error: (09/03/2015 10:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141
Error: (09/03/2015 10:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (09/04/2015 07:08:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.
Error: (09/03/2015 10:42:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (09/03/2015 07:08:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (09/03/2015 02:20:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/02/2015 07:20:20 PM) (Source: DCOM) (EventID: 10016) (User: HP-HEIMPC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}HP-HeimPCHPS-1-5-21-2318628955-210851437-4052573652-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (09/02/2015 07:20:20 PM) (Source: DCOM) (EventID: 10016) (User: HP-HEIMPC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}HP-HeimPCHPS-1-5-21-2318628955-210851437-4052573652-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (09/02/2015 07:20:20 PM) (Source: DCOM) (EventID: 10016) (User: HP-HEIMPC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}HP-HeimPCHPS-1-5-21-2318628955-210851437-4052573652-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (09/02/2015 07:18:53 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (09/02/2015 07:18:53 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (09/02/2015 07:09:22 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "G:" können nicht gelesen werden.
Microsoft Office:
=========================
CodeIntegrity:
===================================
Date: 2015-09-02 20:59:33.356
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3330S CPU @ 2.70GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 8128.77 MB
Verfügbarer physikalischer RAM: 3132.11 MB
Summe virtueller Speicher: 10512.77 MB
Verfügbarer virtueller Speicher: 3406.66 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:119.66 GB) (Free:45.03 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Eigene) (Fixed) (Total:798.34 GB) (Free:259.21 GB) NTFS
Drive e: (Recovery Image) (Fixed) (Total:11.69 GB) (Free:1.38 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive f: (METALLICATHROUGHTHENEVER2D) (CDROM) (Total:40.35 GB) (Free:0 GB) UDF
Drive h: (MUSIKAUTO32) (Fixed) (Total:29.8 GB) (Free:0.05 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: BB0A4CC6)
Partition: GPT.
========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: 76F08D3D)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
__________________ ___________ MfG Gustavo |
|
04.09.2015, 22:18
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Online-Banking-Account gesperrt - Verdacht auf Trojaner Ziemlich unauffällig. Mach mal bitte mit MBAR weiter: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> Online-Banking-Account gesperrt - Verdacht auf Trojaner |
|
04.09.2015, 22:50
| #7 |
| | Online-Banking-Account gesperrt - Verdacht auf Trojaner Erledigt, no malware found... Code:
ATTFilter ---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.2.1008
(c) Malwarebytes Corporation 2011-2012
OS version: 6.3.9200 Windows 8.1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.17937
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 2.694000 GHz
Memory total: 8523636736, free: 3178536960
Downloaded database version: v2015.09.04.08
Downloaded database version: v2015.08.16.01
Downloaded database version: v2015.08.28.02
Initializing...
======================
Driver version: 0.3.0.4
------------ Kernel report ------------
09/04/2015 23:22:55
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\netr28x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\hpnuhst.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\hpnuhub.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\Drivers\AVerIT13x_x64.sys
\SystemRoot\System32\Drivers\BdaSup.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\LEqdUsb.Sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\system32\DRIVERS\LHidEqd.Sys
\SystemRoot\system32\DRIVERS\LHidFilt.Sys
\SystemRoot\system32\DRIVERS\LMouFilt.Sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\avnetflt.sys
\SystemRoot\system32\drivers\bcbtums.sys
\SystemRoot\system32\DRIVERS\btwampfl.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\??\C:\WINDOWS\system32\Drivers\rikvm_99E320F5.sys
\SystemRoot\System32\drivers\BthLEEnum.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\System32\drivers\bthpan.sys
\SystemRoot\system32\DRIVERS\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\System32\drivers\btwrchid.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\drivers\WUDFRd.sys
\SystemRoot\System32\drivers\WpdUpFltr.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\drivers\usbscan.sys
\SystemRoot\System32\drivers\usbprint.sys
\SystemRoot\system32\DRIVERS\dot4usb.sys
\SystemRoot\system32\DRIVERS\Dot4.sys
\SystemRoot\System32\drivers\Dot4Prt.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.09.04.08
rootkit: v2015.08.16.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe001ed983060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe001ed984410, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe001ed983060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe001eae4e420, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe001eaf27060, DeviceName: \Device\0000002d\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthLEEnum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthLEEnum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rndismpx.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rndismpx.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usb8023x.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usb8023x.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: BB0A4CC6
GPT Protective MBR Partition information:
Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 1250928763
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid 67d0a942-2f78-47a9-b141-cbd68a6ff8b6
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 1250928763
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid 67d0a942-2f78-47a9-b141-cbd68a6ff8b6
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128
Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID de9a5279-7af-4b7a-85f4-a6d0bda461fc
FirstLBA 2048 Last LBA 2097151
Attributes 1
Partition Name Basic data partition
Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID 70486303-abe9-40ec-ab4a-61eac82f730
FirstLBA 2097152 Last LBA 2834431
Attributes 0
Partition Name EFI system partition
GPT Partition 1 is bootable
Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID f8fbfc79-ed95-48ea-87da-55f64a86c9d
FirstLBA 2834432 Last LBA 3096575
Attributes 0
Partition Name Microsoft reserved partition
Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 118cccd4-e40a-4acd-afa5-b51bbc96dffc
FirstLBA 3096576 Last LBA 254038015
Attributes 0
Partition Name Basic data partition
Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID b2092eae-a291-479d-bf68-422d62cbb478
FirstLBA 254038016 Last LBA 254754815
Attributes 1
Partition Name
Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 424f1d96-a97a-47f6-ac38-e8c0199f3f
FirstLBA 254754816 Last LBA 1929000959
Attributes 0
Partition Name Basic data partition
Partition 6 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID be4ed9c4-e88d-452a-9337-455348fd79b8
FirstLBA 1929003008 Last LBA 1953523711
Attributes 1
Partition Name Basic data partition
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffe001ef83b490, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe001ef820040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe001ef83b490, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffe001effc0b10, DeviceName: \Device\0000003a\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 76F08D3D
Partition information:
Partition 0 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 32 Numsec = 62530592
Partition is not bootable
Partition file system is FAT32
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 32015679488 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffe001ef498230, DeviceName: \Device\Harddisk2\DR7\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe001f6d23040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe001ef498230, DeviceName: \Device\Harddisk2\DR7\, DriverName: \Driver\disk\
DevicePointer: 0xffffe001f1da9910, DeviceName: \Device\000000e7\, DriverName: \Driver\USBSTOR\
------------ End ----------
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICRENDER.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICDISPLAY.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHAVRCPTG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHHFENUM.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHLEENUM.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\COMPOSITEBUS.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usb8023x.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MSGPIOWIN32.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\BthHFSrv.dll" is compressed (flags = 1)
<<<2>>>
<<<3>>>
Volume: D:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File "C:\Windows\System32\CIRCoInst.dll" is compressed (flags = 1)
File "C:\Windows\System32\fsquirt.exe" is compressed (flags = 1)
File "C:\Windows\System32\iscsilog.dll" is compressed (flags = 1)
File "C:\Windows\System32\streamci.dll" is compressed (flags = 1)
File "C:\Windows\System32\SysFxUI.dll" is compressed (flags = 1)
File "C:\Windows\System32\WMALFXGFXDSP.dll" is compressed (flags = 1)
File "C:\Windows\System32\WpdMtp.dll" is compressed (flags = 1)
File "C:\Windows\System32\WpdMtpUS.dll" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rndismpx.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-32-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org
Database version:
main: v2015.09.04.08
rootkit: v2015.08.16.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17937
HP :: HP-HEIMPC [administrator]
04.09.2015 23:23:23
mbar-log-2015-09-04 (23-23-23).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 391019
Time elapsed: 18 minute(s), 51 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Bin ich also sauber?
__________________ ___________ MfG Gustavo Geändert von Gustavo (04.09.2015 um 22:52 Uhr) Grund: Log angefügt |
|
04.09.2015, 22:57
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Online-Banking-Account gesperrt - Verdacht auf Trojaner Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.09.2015, 07:18
| #9 |
| | Online-Banking-Account gesperrt - Verdacht auf Trojaner Schritt 1 durchgeführt, sind jetzt 2 Logs, weil beim ersten Löschdurchgang plötzlich die Meldung kam, daß das Programm nicht mehr funktioniert und nach einer Lösung gesucht wird... Hab dann ein zweites Mal gestartet, hoffe das ist OK so. AdwCleaner[C1].txt Code:
ATTFilter # AdwCleaner v5.005 - Bericht erstellt am 05/09/2015 um 00:12:04
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-09-04.4 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : HP - HP-HEIMPC
# Gestartet von : C:\Users\HP\Desktop\AdwCleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb
[-] Ordner Gelöscht : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkijekempmdlleaimfelifcejbkmcd
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\obciceimmggglbmelaidpjlmodcebijb
***** [ Verknüpfungen ] *****
[-] Verknüpfung Desinfiziert : C:\Users\HP\Desktop\Rock Antenne Heavy Metal.lnk
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
[-] Schlüssel Gelöscht : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Schlüssel Gelöscht : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[-] Schlüssel Gelöscht : HKCU\Software\APN PIP
[-] Schlüssel Gelöscht : HKCU\Software\UpdateStar
[-] Schlüssel Gelöscht : HKCU\Software\Appscion
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
[!] Schlüssel Nicht Gelöscht : HKCU64\Software\APN PIP
[!] Schlüssel Nicht Gelöscht : HKCU64\Software\UpdateStar
[!] Schlüssel Nicht Gelöscht : HKCU64\Software\Appscion
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
[-] Schlüssel Gelöscht : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[!] Schlüssel Nicht Gelöscht : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Code:
ATTFilter # AdwCleaner v5.005 - Bericht erstellt am 05/09/2015 um 00:13:22
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-09-04.4 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : HP - HP-HEIMPC
# Gestartet von : C:\Users\HP\Desktop\AdwCleaner_5.005.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\obciceimmggglbmelaidpjlmodcebijb
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKU\S-1-5-21-2318628955-210851437-4052573652-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
***** [ Internetbrowser ] *****
[-] [C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : minecraft.softonic.de
[-] [C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : delta-search.com
[-] [C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : en.softonic.com
[-] [C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : jbnkijekempmdlleaimfelifcejbkmcd
[-] [C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : obciceimmggglbmelaidpjlmodcebijb
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1709 Bytes] ##########
Schritt 2 erledigt: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 8.1 x64
Ran by HP on 05.09.2015 at 0:25:32,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9C70A3B1-A0D5-488A-A0A2-C7EE9EC1E738}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9C70A3B1-A0D5-488A-A0A2-C7EE9EC1E738}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
~~~ Files
~~~ Folders
~~~ Chrome
Successfully deleted: [Folder] C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Extensions\jbnkijekempmdlleaimfelifcejbkmcd
Successfully deleted: [Folder] C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb
[C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
jbnkijekempmdlleaimfelifcejbkmcd
obciceimmggglbmelaidpjlmodcebijb
[C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\HP\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
jbnkijekempmdlleaimfelifcejbkmcd,
obciceimmggglbmelaidpjlmodcebijb
]
Schritt 3 Frisches FRST-Log: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
durchgeführt von HP (Administrator) auf HP-HEIMPC (05-09-2015 00:29:38)
Gestartet von C:\Users\HP\Desktop
Geladene Profile: HP (Verfügbare Profile: HP)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-18] (IDT, Inc.)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2068992 2011-12-14] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [OSDTool] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe [2101248 2012-06-13] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SimpleScreenshot] => C:\Program Files (x86)\SSS\SimpleScreenshot.exe [2255360 2013-08-05] (Mirko Böer)
HKLM-x32\...\Run: [DT_HPO] => C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTuneStartup.exe [142112 2015-07-10] (HP)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1748494 2015-09-01] ()
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\tray.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2012-11-29]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-04-26]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Verbindungsmanager.lnk [2015-03-17]
ShortcutTarget: Verbindungsmanager.lnk -> C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\..\Interfaces\{9252B9FC-E758-4989-AE58-FD68BF89DF41}: [DhcpNameServer] 195.128.104.1 195.128.104.2
Tcpip\..\Interfaces\{A4348365-5EAE-4227-BBCA-DD8A06096FEF}: [NameServer] 195.128.104.1,195.128.104.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/13
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/13
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/13
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9C70A3B1-A0D5-488A-A0A2-C7EE9EC1E738} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-29880-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-29880-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2318628955-210851437-4052573652-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-29880-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-04] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll Keine Datei
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-2318628955-210851437-4052573652-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-05]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "hxxp://www.google.at/"
CHR DefaultSearchURL: Default -> "url":"{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}"
CHR DefaultSearchKeyword: Default -> google.at___
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-07]
CHR Extension: (Google Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-07]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-07]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-07]
CHR Extension: (Classic Games) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpckajjkmjncafjlkielcgheibdlnfgc [2015-08-07]
CHR Extension: (Adblock Plus) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-07]
CHR Extension: (Google Search) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-07]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-08-07]
CHR Extension: (Google Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-07]
CHR Extension: (Avira Browser Safety) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-08-07]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Custom new tab) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkijekempmdlleaimfelifcejbkmcd [2015-09-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-07]
CHR Extension: (Google Maps) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-08-07]
CHR Extension: (Messenger (Unofficial)) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdapmeleikeppmfgadilffngabfpibok [2015-08-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-07]
CHR Extension: (Better History) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2015-09-05]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-07]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2012-10-18] (Andrea Electronics Corporation) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AVerRemote; c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [364544 2012-08-08] (AVerMedia) [Datei ist nicht signiert]
S2 AVerScheduleService; c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2012-08-08] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [227592 2015-08-03] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-09-27] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-27] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-27] (CyberLink)
S2 DTuneSrvc; C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe [122656 2015-06-09] (Portrait Displays, Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [754120 2015-07-29] (Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Users\HP\AppData\Local\Temp\7zS5E4C\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-10-18] (IDT, Inc.) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [196096 2012-07-11] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 hpnuhst; C:\Windows\System32\drivers\hpnuhst.sys [16384 2007-03-27] (Hewlett-Packard Development Company)
R3 HPNUHUB; C:\Windows\System32\drivers\hpnuhub.sys [40448 2007-10-30] (Hewlett-Packard Development Company)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-05 00:27 - 2015-09-05 00:27 - 00001887 _____ C:\Users\HP\Desktop\JRT.txt
2015-09-05 00:24 - 2015-09-05 00:24 - 01799392 _____ (Malwarebytes Corporation) C:\Users\HP\Desktop\JRT_7600.exe
2015-09-05 00:10 - 2015-09-05 00:13 - 00000000 ____D C:\AdwCleaner
2015-09-05 00:05 - 2015-09-05 00:05 - 01654272 _____ C:\Users\HP\Desktop\AdwCleaner_5.005.exe
2015-09-04 23:23 - 2015-09-04 23:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-04 23:22 - 2015-09-04 23:47 - 00000000 ____D C:\Users\HP\Desktop\mbar
2015-09-04 23:22 - 2015-09-04 23:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-04 23:22 - 2015-09-04 23:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-04 23:22 - 2015-09-04 23:22 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-04 23:21 - 2015-09-04 23:21 - 16563304 _____ (Malwarebytes Corp.) C:\Users\HP\Desktop\mbar-1.09.2.1008.exe
2015-09-04 23:04 - 2015-09-04 23:05 - 00041435 _____ C:\Users\HP\Desktop\Addition.txt
2015-09-04 23:03 - 2015-09-05 00:29 - 00030277 _____ C:\Users\HP\Desktop\FRST.txt
2015-09-04 23:03 - 2015-09-05 00:29 - 00000000 ____D C:\FRST
2015-09-04 23:02 - 2015-09-04 23:02 - 02188800 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2015-09-04 21:47 - 2015-09-04 21:47 - 00010070 _____ C:\Users\HP\Desktop\Ereignisse.txt
2015-09-04 20:59 - 2015-09-04 20:58 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-04 20:58 - 2015-09-04 20:59 - 00000000 ____D C:\Users\HP\.oracle_jre_usage
2015-09-04 20:58 - 2015-09-04 20:58 - 00000000 ____D C:\Users\HP\AppData\Roaming\Sun
2015-08-22 21:48 - 2015-08-22 21:48 - 00000856 _____ C:\Users\HP\AppData\Local\recently-used.xbel
2015-08-22 18:24 - 2015-08-22 18:24 - 00005556 _____ C:\Users\HP\Downloads\SystemInfo.txt
2015-08-22 16:19 - 2015-08-22 16:20 - 11660480 _____ (Portrait Displays, Inc.) C:\Users\HP\Downloads\MyDisplay_TouchSmartEdition.exe
2015-08-20 19:08 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-20 19:08 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-16 19:45 - 2015-08-17 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer Demo
2015-08-16 19:45 - 2015-08-17 19:52 - 00000000 ____D C:\ProgramData\CMUV
2015-08-16 19:44 - 2015-08-16 19:45 - 05780416 _____ (CM&V ) C:\Users\HP\Downloads\DVBViewer_setup_demo.exe
2015-08-16 19:43 - 2015-08-16 19:43 - 00304783 _____ C:\Users\HP\Downloads\compatibility.zip
2015-08-16 18:32 - 2015-08-16 18:32 - 00001209 _____ C:\Users\HP\Desktop\Bitfinex Erträge.xlsx - Verknüpfung.lnk
2015-08-15 19:56 - 2015-08-15 19:56 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
2015-08-15 19:52 - 2015-08-15 19:52 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\HP\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
2015-08-12 09:56 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:56 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:18 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 09:18 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 09:18 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 09:18 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 09:18 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 09:18 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 09:18 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 09:18 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 09:18 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 09:18 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 09:18 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 09:18 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 09:18 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 09:17 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 09:17 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 09:17 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 09:17 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 09:17 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 09:17 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 09:17 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 09:17 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 09:17 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 09:17 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 09:17 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 09:17 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 09:17 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 09:17 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 09:17 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 09:17 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 09:17 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 09:17 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 09:17 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 09:17 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 09:17 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 09:17 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 09:17 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 09:17 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 09:17 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 09:17 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 09:17 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 09:17 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 09:17 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 09:16 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 09:16 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 09:16 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 09:16 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 09:16 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 09:16 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 09:16 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 09:16 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 09:16 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 09:16 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 09:16 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 09:16 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 09:16 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 09:16 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 09:16 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 09:16 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 09:15 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 09:15 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 09:15 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 09:15 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 09:15 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 09:15 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 09:15 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 09:15 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 09:15 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 09:15 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 09:15 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 09:15 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 09:15 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 09:15 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 09:15 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 09:15 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 09:15 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 09:15 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 09:15 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 09:15 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 09:15 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 09:15 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 09:15 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 09:15 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 09:15 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 09:15 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 09:15 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-07 12:48 - 2015-08-07 13:56 - 00015155 _____ C:\Users\HP\Desktop\Microsoft Excel Worksheet (neu).xlsx
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-05 00:21 - 2013-04-23 23:52 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2318628955-210851437-4052573652-1001
2015-09-05 00:18 - 2013-10-26 09:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\ClassicShell
2015-09-05 00:18 - 2013-10-19 15:23 - 00000000 ___RD C:\Users\HP\SkyDrive
2015-09-05 00:17 - 2013-11-03 16:43 - 00001329 _____ C:\Users\HP\Desktop\Rock Antenne Heavy Metal.lnk
2015-09-05 00:16 - 2014-12-25 20:52 - 00000000 ____D C:\Users\HP\AppData\Local\ownCloud
2015-09-05 00:16 - 2013-08-22 16:46 - 00465626 _____ C:\WINDOWS\setupact.log
2015-09-05 00:16 - 2013-04-24 00:15 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-05 00:15 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-05 00:14 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-05 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-04 23:42 - 2014-09-13 17:52 - 00003612 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2318628955-210851437-4052573652-1001
2015-09-04 23:35 - 2013-04-24 00:15 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-04 20:59 - 2014-07-20 08:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-04 20:59 - 2014-01-19 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-04 20:59 - 2013-12-01 18:30 - 00000000 ____D C:\ProgramData\Oracle
2015-09-04 20:58 - 2014-07-20 08:58 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-09-04 20:58 - 2014-07-20 08:58 - 00000000 ____D C:\Program Files\Java
2015-09-04 20:58 - 2013-10-19 10:58 - 00000000 ____D C:\Users\HP
2015-09-04 20:44 - 2013-10-19 10:54 - 01736993 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-04 18:40 - 2013-11-03 17:17 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D1EB6A0B-8DA7-4261-9888-0A714FEEEAE0}
2015-09-04 18:39 - 2014-12-25 21:11 - 00000000 ____D C:\Users\HP\ownCloud
2015-09-04 18:38 - 2015-07-03 19:18 - 00001021 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-09-04 18:38 - 2014-12-25 20:52 - 00001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-09-04 18:38 - 2014-12-25 20:51 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-09-04 18:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-02 19:21 - 2014-08-14 19:21 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-02 19:21 - 2013-04-26 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-02 19:19 - 2013-09-29 21:04 - 00260652 _____ C:\WINDOWS\PFRO.log
2015-09-02 03:33 - 2013-09-30 06:14 - 01980934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-02 03:33 - 2013-09-30 05:56 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-02 03:33 - 2013-09-30 05:56 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-30 20:58 - 2013-04-25 00:28 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-08-30 16:31 - 2014-02-12 20:36 - 00000000 ____D C:\Users\HP\AppData\Roaming\vlc
2015-08-30 04:30 - 2013-04-24 00:15 - 00004110 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 04:30 - 2013-04-24 00:15 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 21:05 - 2013-08-23 21:43 - 00000000 ____D C:\Users\HP\Desktop\Tattoo HP
2015-08-25 06:17 - 2014-08-11 16:37 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-23 18:16 - 2013-04-24 23:12 - 00000000 ____D C:\Users\HP\AppData\Roaming\Spotify
2015-08-23 18:07 - 2013-04-24 23:13 - 00000000 ____D C:\Users\HP\AppData\Local\Spotify
2015-08-22 22:08 - 2013-05-19 14:18 - 00000000 ____D C:\Users\HP\.gimp-2.8
2015-08-22 16:21 - 2012-11-29 17:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-08-22 16:20 - 2015-04-26 20:00 - 00000000 ____D C:\ProgramData\Downloaded Installations
2015-08-21 15:41 - 2013-04-25 00:41 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForHP.job
2015-08-20 19:31 - 2013-04-25 00:41 - 00003148 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForHP
2015-08-20 19:31 - 2013-04-24 19:40 - 00000000 ____D C:\Users\HP\AppData\Local\Hewlett-Packard
2015-08-20 19:31 - 2012-11-29 17:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-08-20 19:31 - 2012-11-29 17:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-08-20 19:09 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-20 18:28 - 2014-08-11 17:00 - 00003092 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2318628955-210851437-4052573652-1001
2015-08-20 18:28 - 2014-08-11 17:00 - 00000000 ___RD C:\Users\HP\OneDrive
2015-08-15 19:56 - 2012-11-29 17:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-15 19:56 - 2012-11-29 17:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-15 19:56 - 2012-11-29 17:12 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-12 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-12 18:21 - 2013-08-22 16:44 - 00510824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-12 18:20 - 2015-03-14 20:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 18:20 - 2015-03-14 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 09:57 - 2013-04-25 06:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 09:56 - 2015-03-14 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 09:53 - 2013-08-20 19:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 09:44 - 2013-04-24 23:55 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 09:43 - 2014-12-10 07:31 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 09:43 - 2014-07-09 05:45 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 09:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 09:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 09:33 - 2015-01-21 07:34 - 00005334 _____ C:\Users\HP\Desktop\Vergleichsliste Codierungen mit und ohne RDK.txt
2015-08-10 09:10 - 2013-04-23 23:43 - 00000000 ____D C:\Users\HP\AppData\Local\Packages
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-04-24 21:46 - 2013-05-30 20:39 - 0023040 _____ () C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-22 21:48 - 2015-08-22 21:48 - 0000856 _____ () C:\Users\HP\AppData\Local\recently-used.xbel
2013-07-07 21:06 - 2014-12-27 20:10 - 0007613 _____ () C:\Users\HP\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\HP\AppData\Local\Temp\avgnt.exe
C:\Users\HP\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\HP\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-02 19:42
==================== Ende von FRST.txt ============================
 Die Verknüpfung ist noch da, aber ohne Link... 
__________________ ___________ MfG Gustavo |
|
05.09.2015, 18:22
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Online-Banking-Account gesperrt - Verdacht auf Trojaner Es sagt doch niemand, dass du die nicht mehr hören darfst Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.09.2015, 19:11
| #11 |
| | Online-Banking-Account gesperrt - Verdacht auf Trojaner Nimmst du immer alles so ernst? Da waren doch 2 Smileys dabei...  Hier nochmal alles frisch: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
durchgeführt von HP (Administrator) auf HP-HEIMPC (05-09-2015 20:07:41)
Gestartet von C:\Users\HP\Desktop
Geladene Profile: HP (Verfügbare Profile: HP)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mirko Böer) C:\Program Files (x86)\SSS\SimpleScreenshot.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(HP) C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTuneStartup.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP) C:\Program Files (x86)\Hewlett-Packard\HP My Display\OSDManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-18] (IDT, Inc.)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2068992 2011-12-14] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [OSDTool] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe [2101248 2012-06-13] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SimpleScreenshot] => C:\Program Files (x86)\SSS\SimpleScreenshot.exe [2255360 2013-08-05] (Mirko Böer)
HKLM-x32\...\Run: [DT_HPO] => C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTuneStartup.exe [142112 2015-07-10] (HP)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1748494 2015-09-01] ()
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\tray.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1404248 2015-07-29] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2012-11-29]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-04-26]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Verbindungsmanager.lnk [2015-03-17]
ShortcutTarget: Verbindungsmanager.lnk -> C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\..\Interfaces\{9252B9FC-E758-4989-AE58-FD68BF89DF41}: [DhcpNameServer] 195.128.104.1 195.128.104.2
Tcpip\..\Interfaces\{A4348365-5EAE-4227-BBCA-DD8A06096FEF}: [NameServer] 195.128.104.1,195.128.104.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/13
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/13
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/13
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9C70A3B1-A0D5-488A-A0A2-C7EE9EC1E738} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-29880-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-29880-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2318628955-210851437-4052573652-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-29880-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-04] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll Keine Datei
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-08-23] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-2318628955-210851437-4052573652-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-05]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "hxxp://www.google.at/"
CHR DefaultSearchURL: Default -> "url":"{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}"
CHR DefaultSearchKeyword: Default -> google.at___
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-07]
CHR Extension: (Google Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-07]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-07]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-07]
CHR Extension: (Classic Games) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpckajjkmjncafjlkielcgheibdlnfgc [2015-08-07]
CHR Extension: (Adblock Plus) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-07]
CHR Extension: (Google Search) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-07]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-08-07]
CHR Extension: (Google Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-07]
CHR Extension: (Avira Browser Safety) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-08-07]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Custom new tab) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkijekempmdlleaimfelifcejbkmcd [2015-09-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-07]
CHR Extension: (Google Maps) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-08-07]
CHR Extension: (Messenger (Unofficial)) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdapmeleikeppmfgadilffngabfpibok [2015-08-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-07]
CHR Extension: (Better History) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2015-09-05]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-07]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2012-10-18] (Andrea Electronics Corporation) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AVerRemote; c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [364544 2012-08-08] (AVerMedia) [Datei ist nicht signiert]
S2 AVerScheduleService; c:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2012-08-08] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [227592 2015-08-03] (Avira Operations GmbH & Co. KG)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-09-27] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-27] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-27] (CyberLink)
S2 DTuneSrvc; C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe [122656 2015-06-09] (Portrait Displays, Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [754120 2015-07-29] (Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Users\HP\AppData\Local\Temp\7zS5E4C\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-10-18] (IDT, Inc.) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [196096 2012-07-11] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 hpnuhst; C:\Windows\System32\drivers\hpnuhst.sys [16384 2007-03-27] (Hewlett-Packard Development Company)
R3 HPNUHUB; C:\Windows\System32\drivers\hpnuhub.sys [40448 2007-10-30] (Hewlett-Packard Development Company)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-05 00:27 - 2015-09-05 00:27 - 00001887 _____ C:\Users\HP\Desktop\JRT.txt
2015-09-05 00:24 - 2015-09-05 00:24 - 01799392 _____ (Malwarebytes Corporation) C:\Users\HP\Desktop\JRT_7600.exe
2015-09-05 00:10 - 2015-09-05 00:13 - 00000000 ____D C:\AdwCleaner
2015-09-05 00:05 - 2015-09-05 00:05 - 01654272 _____ C:\Users\HP\Desktop\AdwCleaner_5.005.exe
2015-09-04 23:23 - 2015-09-04 23:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-04 23:22 - 2015-09-04 23:47 - 00000000 ____D C:\Users\HP\Desktop\mbar
2015-09-04 23:22 - 2015-09-04 23:47 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-04 23:22 - 2015-09-04 23:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-04 23:22 - 2015-09-04 23:22 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-04 23:21 - 2015-09-04 23:21 - 16563304 _____ (Malwarebytes Corp.) C:\Users\HP\Desktop\mbar-1.09.2.1008.exe
2015-09-04 23:04 - 2015-09-04 23:05 - 00041435 _____ C:\Users\HP\Desktop\Addition.txt
2015-09-04 23:03 - 2015-09-05 20:08 - 00032230 _____ C:\Users\HP\Desktop\FRST.txt
2015-09-04 23:03 - 2015-09-05 20:07 - 00000000 ____D C:\FRST
2015-09-04 23:02 - 2015-09-04 23:02 - 02188800 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2015-09-04 21:47 - 2015-09-04 21:47 - 00010070 _____ C:\Users\HP\Desktop\Ereignisse.txt
2015-09-04 20:59 - 2015-09-04 20:58 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-09-04 20:58 - 2015-09-04 20:59 - 00000000 ____D C:\Users\HP\.oracle_jre_usage
2015-09-04 20:58 - 2015-09-04 20:58 - 00000000 ____D C:\Users\HP\AppData\Roaming\Sun
2015-08-22 21:48 - 2015-08-22 21:48 - 00000856 _____ C:\Users\HP\AppData\Local\recently-used.xbel
2015-08-22 18:24 - 2015-08-22 18:24 - 00005556 _____ C:\Users\HP\Downloads\SystemInfo.txt
2015-08-22 16:19 - 2015-08-22 16:20 - 11660480 _____ (Portrait Displays, Inc.) C:\Users\HP\Downloads\MyDisplay_TouchSmartEdition.exe
2015-08-20 19:08 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-20 19:08 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-16 19:45 - 2015-08-17 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer Demo
2015-08-16 19:45 - 2015-08-17 19:52 - 00000000 ____D C:\ProgramData\CMUV
2015-08-16 19:44 - 2015-08-16 19:45 - 05780416 _____ (CM&V ) C:\Users\HP\Downloads\DVBViewer_setup_demo.exe
2015-08-16 19:43 - 2015-08-16 19:43 - 00304783 _____ C:\Users\HP\Downloads\compatibility.zip
2015-08-16 18:32 - 2015-08-16 18:32 - 00001209 _____ C:\Users\HP\Desktop\Bitfinex Erträge.xlsx - Verknüpfung.lnk
2015-08-15 19:56 - 2015-08-15 19:56 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
2015-08-15 19:52 - 2015-08-15 19:52 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\HP\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
2015-08-12 09:56 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:56 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:18 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 09:18 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 09:18 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 09:18 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 09:18 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 09:18 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 09:18 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 09:18 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 09:18 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 09:18 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 09:18 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 09:18 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 09:18 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 09:17 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 09:17 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 09:17 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 09:17 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 09:17 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 09:17 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 09:17 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 09:17 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 09:17 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 09:17 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 09:17 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 09:17 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 09:17 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 09:17 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 09:17 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 09:17 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 09:17 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 09:17 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 09:17 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 09:17 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 09:17 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 09:17 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 09:17 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 09:17 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 09:17 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 09:17 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 09:17 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 09:17 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 09:17 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 09:16 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 09:16 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 09:16 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 09:16 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 09:16 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 09:16 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 09:16 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 09:16 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 09:16 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 09:16 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 09:16 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 09:16 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 09:16 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 09:16 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 09:16 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 09:16 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 09:16 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 09:15 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 09:15 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 09:15 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 09:15 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 09:15 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 09:15 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 09:15 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 09:15 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 09:15 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 09:15 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 09:15 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 09:15 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 09:15 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 09:15 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 09:15 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 09:15 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 09:15 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 09:15 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 09:15 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 09:15 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 09:15 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 09:15 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 09:15 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 09:15 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 09:15 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 09:15 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 09:15 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-07 12:48 - 2015-08-07 13:56 - 00015155 _____ C:\Users\HP\Desktop\Microsoft Excel Worksheet (neu).xlsx
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-05 20:04 - 2013-04-23 23:52 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2318628955-210851437-4052573652-1001
2015-09-05 20:02 - 2013-10-19 10:54 - 01777795 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-05 20:01 - 2013-11-03 17:17 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D1EB6A0B-8DA7-4261-9888-0A714FEEEAE0}
2015-09-05 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-05 19:59 - 2014-12-25 20:52 - 00000000 ____D C:\Users\HP\AppData\Local\ownCloud
2015-09-05 19:59 - 2013-04-24 00:15 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-05 19:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-05 19:58 - 2013-08-22 16:46 - 00466242 _____ C:\WINDOWS\setupact.log
2015-09-05 08:53 - 2013-10-26 09:04 - 00000000 ____D C:\Users\HP\AppData\Roaming\ClassicShell
2015-09-05 08:35 - 2013-04-24 00:15 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-05 07:41 - 2014-09-13 17:52 - 00003612 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2318628955-210851437-4052573652-1001
2015-09-05 00:18 - 2013-10-19 15:23 - 00000000 ___RD C:\Users\HP\SkyDrive
2015-09-05 00:17 - 2013-11-03 16:43 - 00001329 _____ C:\Users\HP\Desktop\Rock Antenne Heavy Metal.lnk
2015-09-05 00:15 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-05 00:14 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-04 20:59 - 2014-07-20 08:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-04 20:59 - 2014-01-19 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-04 20:59 - 2013-12-01 18:30 - 00000000 ____D C:\ProgramData\Oracle
2015-09-04 20:58 - 2014-07-20 08:58 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-09-04 20:58 - 2014-07-20 08:58 - 00000000 ____D C:\Program Files\Java
2015-09-04 20:58 - 2013-10-19 10:58 - 00000000 ____D C:\Users\HP
2015-09-04 18:39 - 2014-12-25 21:11 - 00000000 ____D C:\Users\HP\ownCloud
2015-09-04 18:38 - 2015-07-03 19:18 - 00001021 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-09-04 18:38 - 2014-12-25 20:52 - 00001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-09-04 18:38 - 2014-12-25 20:51 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-09-02 19:21 - 2014-08-14 19:21 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-02 19:21 - 2013-04-26 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-02 19:19 - 2013-09-29 21:04 - 00260652 _____ C:\WINDOWS\PFRO.log
2015-09-02 03:33 - 2013-09-30 06:14 - 01980934 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-02 03:33 - 2013-09-30 05:56 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-02 03:33 - 2013-09-30 05:56 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-30 20:58 - 2013-04-25 00:28 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-08-30 16:31 - 2014-02-12 20:36 - 00000000 ____D C:\Users\HP\AppData\Roaming\vlc
2015-08-30 04:30 - 2013-04-24 00:15 - 00004110 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-30 04:30 - 2013-04-24 00:15 - 00003874 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 21:05 - 2013-08-23 21:43 - 00000000 ____D C:\Users\HP\Desktop\Tattoo HP
2015-08-25 06:17 - 2014-08-11 16:37 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-23 18:16 - 2013-04-24 23:12 - 00000000 ____D C:\Users\HP\AppData\Roaming\Spotify
2015-08-23 18:07 - 2013-04-24 23:13 - 00000000 ____D C:\Users\HP\AppData\Local\Spotify
2015-08-22 22:08 - 2013-05-19 14:18 - 00000000 ____D C:\Users\HP\.gimp-2.8
2015-08-22 16:21 - 2012-11-29 17:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-08-22 16:20 - 2015-04-26 20:00 - 00000000 ____D C:\ProgramData\Downloaded Installations
2015-08-21 15:41 - 2013-04-25 00:41 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForHP.job
2015-08-20 19:31 - 2013-04-25 00:41 - 00003148 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForHP
2015-08-20 19:31 - 2013-04-24 19:40 - 00000000 ____D C:\Users\HP\AppData\Local\Hewlett-Packard
2015-08-20 19:31 - 2012-11-29 17:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-08-20 19:31 - 2012-11-29 17:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-08-20 19:09 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-20 18:28 - 2014-08-11 17:00 - 00003092 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2318628955-210851437-4052573652-1001
2015-08-20 18:28 - 2014-08-11 17:00 - 00000000 ___RD C:\Users\HP\OneDrive
2015-08-15 19:56 - 2012-11-29 17:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-15 19:56 - 2012-11-29 17:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-15 19:56 - 2012-11-29 17:12 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-12 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-12 18:21 - 2013-08-22 16:44 - 00510824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-12 18:20 - 2015-03-14 20:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 18:20 - 2015-03-14 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 09:59 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 09:57 - 2013-04-25 06:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 09:56 - 2015-03-14 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 09:53 - 2013-08-20 19:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 09:44 - 2013-04-24 23:55 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 09:43 - 2014-12-10 07:31 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 09:43 - 2014-07-09 05:45 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 09:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 09:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 09:33 - 2015-01-21 07:34 - 00005334 _____ C:\Users\HP\Desktop\Vergleichsliste Codierungen mit und ohne RDK.txt
2015-08-10 09:10 - 2013-04-23 23:43 - 00000000 ____D C:\Users\HP\AppData\Local\Packages
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-04-24 21:46 - 2013-05-30 20:39 - 0023040 _____ () C:\Users\HP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-22 21:48 - 2015-08-22 21:48 - 0000856 _____ () C:\Users\HP\AppData\Local\recently-used.xbel
2013-07-07 21:06 - 2014-12-27 20:10 - 0007613 _____ () C:\Users\HP\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\HP\AppData\Local\Temp\avgnt.exe
C:\Users\HP\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\HP\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-02 19:42
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-09-2015
durchgeführt von HP (2015-09-05 20:08:22)
Gestartet von C:\Users\HP\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2318628955-210851437-4052573652-500 - Administrator - Disabled)
Gast (S-1-5-21-2318628955-210851437-4052573652-501 - Limited - Disabled)
HP (S-1-5-21-2318628955-210851437-4052573652-1001 - Administrator - Enabled) => C:\Users\HP
UpdatusUser (S-1-5-21-2318628955-210851437-4052573652-1004 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AVerMedia TV Player (HKLM-x32\...\InstallShield_{DFD1F64D-2AF0-4CE2-9752-D701E80F8D1C}) (Version: 1.8.1 - AVerMedia Technologies, Inc.)
AVerMedia TV Player (x32 Version: 1.8.1 - AVerMedia Technologies, Inc.) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{b76c0d12-422c-44e3-9daa-9363451e24cd}) (Version: 1.1.44.15481 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.44.15481 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.4919 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Elevated Installer (x32 Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Equalify v2.5.3 (Stable) (HKLM-x32\...\{33EC4F70-9F4B-406F-BB2A-F75A285E927D}) (Version: 2.5.3.0 - Equalify)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{42f02a91-da9c-48e1-8dc5-37f4449db969}) (Version: 4.1.5.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.5.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\HPConnectedMusic) (Version: 1.1 (build 37) hp - Meridian Audio Ltd)
HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.7 - Hewlett-Packard)
HP My Display (HKLM-x32\...\{448286F7-9BCC-4254-A6DC-CB40DC852F55}) (Version: 2.10.25 - Portrait Displays, Inc.)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Wireless Printer Adapter (HKLM-x32\...\{991C5595-5151-4D70-B6CC-90633AC69076}) (Version: 1.00.2000 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft PhotoDraw 2000 V2 (HKLM-x32\...\{3C5EA394-1033-11D2-A2CB-00C04F72F31D}) (Version: 2.00.00.0820 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.1 - Notepad++ Team)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.1.5446 - ownCloud)
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Plus500 (HKLM-x32\...\Plus500) (Version: - )
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
RawPacketDriver (HKLM\...\{7E5BEF96-0293-442B-B344-62902D302522}) (Version: 5.5.1805 - PCAUSA)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
SDK (x32 Version: 2.28.007 - Portrait Displays, Inc.) Hidden
SimpleScreenshot 1.40 (HKLM-x32\...\SimpleScreenshot) (Version: - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2318628955-210851437-4052573652-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.2700 - Broadcom Corporation)
Win8 x64Components v1.5.7 (HKLM\...\Win8 x64Components_is1) (Version: 1.5.7 - Shark007)
win8codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.5.7 - Shark007)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2318628955-210851437-4052573652-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
03-09-2015 21:18:56 Geplanter Prüfpunkt
05-09-2015 00:25:33 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {14815C6B-E137-4921-89AF-F232DEC0DC73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {258E9C9A-FE3A-4257-9315-81B2FB3ADFDF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {3272F590-AFF8-48F3-8985-963446BC7A57} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {3367926E-2795-4A83-96B6-F7056F2986EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {36141812-382C-4E52-B002-AB37C35D2C5F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {3615CB25-48D8-4832-BAF1-882C1512B49E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {388DDA9B-77CE-421B-A8EF-26813F43540B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {58A1093C-950D-46C7-9484-FBB5AD9966A4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {5C1926F3-AD0A-4902-9B0F-F553053035E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {69CC6E44-9878-4012-A9F5-293A9D847677} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2318628955-210851437-4052573652-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {8CB87094-6241-46D6-AFE8-FB3193A1091F} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2318628955-210851437-4052573652-1001
Task: {94E55260-27D5-4DD3-9E9F-7703D04095C0} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {A2ECA964-42EB-4523-AC80-C865C38C4053} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {A89755F1-53A5-46EF-98B2-228C2C9F7417} - System32\Tasks\HPCeeScheduleForHP => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {D5610288-FC83-4A98-9839-20565EF5B572} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation)
Task: {E96886D5-B873-43BC-958B-69C03D0A3D2B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-07-29] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForHP.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-08-11 16:37 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-09-28 00:52 - 2012-09-28 00:52 - 00047480 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\BtwLeAPI.dll
2015-06-19 03:31 - 2015-06-19 03:31 - 00059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\HP\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2015-09-01 16:41 - 2015-09-01 16:41 - 01748494 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2012-11-29 17:23 - 2012-08-08 21:47 - 00163840 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerHIDReceiver\AVerHIDReceiver.exe
2015-03-17 21:29 - 2008-05-16 19:33 - 01998848 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe
2015-03-17 21:29 - 2008-01-15 02:09 - 00385536 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\scLanUtil.dll
2015-03-17 21:29 - 2007-10-11 04:50 - 00091136 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\scUsb.dll
2015-03-17 21:29 - 2008-01-08 03:29 - 00308736 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\scComm.dll
2015-03-17 21:29 - 2008-01-07 23:27 - 00302080 _____ () C:\Program Files (x86)\HP Wireless Printer Adapter\scUtil.dll
2012-11-29 17:20 - 2010-05-13 18:34 - 00674928 _____ () C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
2015-09-03 21:36 - 2015-08-28 03:56 - 01868104 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-03 21:36 - 2015-08-28 03:56 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-03 21:36 - 2015-08-28 03:56 - 28659016 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
2015-04-26 19:49 - 2013-08-08 13:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-01 16:41 - 2015-09-01 16:41 - 00670222 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-09-01 16:41 - 2015-09-01 16:41 - 00971278 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-08-06 09:59 - 2015-08-06 09:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 09:59 - 2015-08-06 09:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-08-06 17:48 - 2015-08-06 17:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-08-06 09:10 - 2015-08-06 09:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 09:21 - 2015-08-06 09:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 09:21 - 2015-08-06 09:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 09:11 - 2015-08-06 09:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 09:16 - 2015-08-06 09:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 09:14 - 2015-08-06 09:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 09:21 - 2015-08-06 09:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 09:16 - 2015-08-06 09:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 09:14 - 2015-08-06 09:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 09:17 - 2015-08-06 09:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 11:35 - 2015-08-06 11:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 09:26 - 2015-08-06 09:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2015-08-06 11:38 - 2015-08-06 11:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2012-11-29 17:23 - 2012-08-08 21:48 - 00053248 _____ () c:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2012-11-29 17:24 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-11-29 17:24 - 2009-02-19 19:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.DLL
2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
2012-01-17 15:21 - 2012-01-17 15:21 - 00068104 _____ () C:\Program Files (x86)\Hewlett-Packard\HP My Display\PEGAACPIDLL.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\HP\SkyDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2318628955-210851437-4052573652-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hape logo1whiteonblack1920x1200.jpg
DNS Servers: 195.128.104.1 - 195.128.104.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F2A077C3-C01D-43AB-98A7-0E934CB9E210}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{AF49A352-060B-4835-A1DE-EFFC4A7EC23C}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{EAB9A753-3A79-4131-A590-7E0D68D259FF}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [UDP Query User{C5EF15CC-2CEB-4C09-8058-AC6508565F6D}C:\users\hp\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\hp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{14F7EF8B-2A96-48DE-B8DA-4E1AB749EFAD}C:\users\hp\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\hp\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F9932368-7AC7-43DB-9925-49F2678A3967}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D848F0A1-A424-4D39-A76B-DD9BD63E4105}] => (Allow) C:\Program Files (x86)\HP Wireless Printer Adapter\SelectPrinter.exe
FirewallRules: [{52B4EB8E-F0B5-409D-BB20-43266AF38539}] => (Allow) C:\Program Files (x86)\HP Wireless Printer Adapter\SelectPrinter.exe
FirewallRules: [{DB34C018-66C0-4165-8A01-72E363FEC406}] => (Allow) C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe
FirewallRules: [{E80DCCCF-9B32-45BC-A7B8-D06C50BF9BBC}] => (Allow) C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe
FirewallRules: [UDP Query User{7D1DD385-66CC-4AE9-A178-5C71B0FE8945}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{46674A93-C7AF-4474-B0FE-283404E57E22}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EE890BD7-79D0-4DFA-8C73-D5017C0BBD89}] => (Allow) C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F7029E8E-C2F1-4CE7-8A38-F1C2A7454A78}] => (Allow) C:\Users\HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7FE08982-D068-4E60-B1C8-B27F4A3DA3BD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{0B254ED4-AA7F-41A0-88B5-52609CDE3D76}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7EA8D7FE-D1BA-4EC5-8C9E-8E1BE7CD7F0D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C27A53D1-F012-42AC-B1A7-D28FEB9EB292}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{21BE7075-5E05-4FD3-816A-16DB5FE64797}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91957AA5-8825-4F6C-B78C-39BA422E4A9D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52D0D80C-225F-4F6B-B46D-201A4F58EE2C}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS5E4C\hppiw.exe
FirewallRules: [{230F4E08-FE60-4BBC-A68C-A2026ED70ED7}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS5E4C\hppiw.exe
FirewallRules: [TCP Query User{2FA71948-36D9-49ED-B5D7-AEF580AE435A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFAB5F0E-A115-488E-98FF-AE9FFC2AA66A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{BE5EA581-425F-4A47-A885-17081BB25A4F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2CDD56B2-20E9-43BB-B70A-7D79D6926548}] => (Allow) LPort=2869
FirewallRules: [{C13EE6B2-D72E-400E-BE67-33E514890405}] => (Allow) LPort=1900
FirewallRules: [{B90B1DFA-BF84-4AC8-B628-10E3A23F08DA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{42766030-DDDF-4DC9-B3A6-FAD28A0742AA}] => (Allow) C:\Users\HP\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{7EDCF017-60F0-4F45-B0C3-B7ECF4A1B360}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BDA1230B-EF5C-4426-B819-9DC0796C5D6E}C:\users\hp\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hp\appdata\roaming\spotify\spotify.exe
FirewallRules: [{334B9BFB-731C-4D79-85A7-47B031599DF2}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS95CF.tmp\SetupWizard.exe
FirewallRules: [{1DE2B444-9B83-4C38-BC3A-19BAB3FBE3C4}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS95CF.tmp\SetupWizard.exe
FirewallRules: [{9F3F1AE1-D213-45A6-9EC3-7B5ED014F4EE}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS2A59.tmp\SetupWizard.exe
FirewallRules: [{3BF34613-1250-444D-BB1B-7458B5BC99CA}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS2A59.tmp\SetupWizard.exe
FirewallRules: [{9561A5B2-23EE-4DD6-8BE8-5773B94E1CEB}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zSE041.tmp\SetupWizard.exe
FirewallRules: [{84E6738C-E093-466F-B413-5A806E28D1C3}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zSE041.tmp\SetupWizard.exe
FirewallRules: [{60ACA6D4-B942-441C-8572-945B48A39BE3}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zSF1E3.tmp\SetupWizard.exe
FirewallRules: [{170B9C05-8B03-4BFC-B8FC-6E65F8B3AB6A}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zSF1E3.tmp\SetupWizard.exe
FirewallRules: [{FF90B302-12BC-4F0D-B1B7-98815E2E03FE}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS6E37.tmp\SetupWizard.exe
FirewallRules: [{188BFF55-D57F-4D0C-80D0-FB394F6D8EE0}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS6E37.tmp\SetupWizard.exe
FirewallRules: [{353D178B-2BE5-4637-96F1-A0B86CF5598C}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS425.tmp\SetupWizard.exe
FirewallRules: [{AA2F9531-71AE-4B08-8B65-8451B2E6C7DF}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS425.tmp\SetupWizard.exe
FirewallRules: [{9F04419E-3662-4482-9D96-401DE2ED43B8}] => (Allow) C:\Users\HP\Downloads\COL22470\SetupWizard.exe
FirewallRules: [{0C39E98A-F214-463C-BB0F-BCC2C25B37D6}] => (Allow) C:\Users\HP\Downloads\COL22470\SetupWizard.exe
FirewallRules: [{713A66C9-A4B9-4835-A67E-6B74012891ED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{946B5A52-18E8-4049-A722-E3B77BF9C3F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{795C5AE1-EE02-42B8-BDB6-0A0F857A6BE3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{2F090F23-579E-492A-B695-9C481AC1F9AD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{495FE933-E072-46B1-BD7E-14780B6D8FBE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{4B7B7432-4C40-4ABE-86DA-097BE88586D5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{264BE165-8B45-481E-A0B0-A21F8C935545}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS5E61\hppiw.exe
FirewallRules: [{14492D27-34A6-47A7-859A-973AD33B3F76}] => (Allow) C:\Users\HP\AppData\Local\Temp\7zS5E61\hppiw.exe
FirewallRules: [TCP Query User{A1BCF2F1-A9A0-4D0D-9EEF-D8DC96AB5993}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{75DC0352-111F-444F-BBD7-FD0BDAA2DE8C}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [{C8D3E39A-C227-487E-ACEA-AB6F8896B16D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{7001398A-582D-4B71-9D7C-0FEF8E186A66}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/05/2015 07:41:07 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (09/05/2015 12:12:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdwCleaner_5.005.exe, Version: 5.0.0.5, Zeitstempel: 0x55e49af5
Name des fehlerhaften Moduls: AdwCleaner_5.005.exe, Version: 5.0.0.5, Zeitstempel: 0x55e49af5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001eeaa
ID des fehlerhaften Prozesses: 0xa24
Startzeit der fehlerhaften Anwendung: 0xAdwCleaner_5.005.exe0
Pfad der fehlerhaften Anwendung: AdwCleaner_5.005.exe1
Pfad des fehlerhaften Moduls: AdwCleaner_5.005.exe2
Berichtskennung: AdwCleaner_5.005.exe3
Vollständiger Name des fehlerhaften Pakets: AdwCleaner_5.005.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AdwCleaner_5.005.exe5
Error: (09/04/2015 07:34:01 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (09/03/2015 10:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3656
Error: (09/03/2015 10:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3656
Error: (09/03/2015 10:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/03/2015 10:42:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2438
Error: (09/03/2015 10:42:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2438
Error: (09/03/2015 10:42:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/03/2015 10:42:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141
Systemfehler:
=============
Error: (09/05/2015 08:54:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (09/05/2015 12:50:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/05/2015 12:26:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/05/2015 12:26:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/05/2015 12:26:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/05/2015 12:26:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "IconMan_R" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/05/2015 12:26:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/05/2015 12:26:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/05/2015 12:26:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Portrait Displays SDK Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/05/2015 12:26:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office:
=========================
CodeIntegrity:
===================================
Date: 2015-09-02 20:59:33.356
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3330S CPU @ 2.70GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 8128.77 MB
Verfügbarer physikalischer RAM: 4316.05 MB
Summe virtueller Speicher: 9936.77 MB
Verfügbarer virtueller Speicher: 4631.22 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:119.66 GB) (Free:45.31 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (Eigene) (Fixed) (Total:798.34 GB) (Free:259.22 GB) NTFS
Drive e: (Recovery Image) (Fixed) (Total:11.69 GB) (Free:1.38 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive f: (METALLICATHROUGHTHENEVER2D) (CDROM) (Total:40.35 GB) (Free:0 GB) UDF
Drive h: (MUSIKAUTO32) (Fixed) (Total:29.8 GB) (Free:0.05 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: BB0A4CC6)
Partition: GPT.
========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: 76F08D3D)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
__________________ ___________ MfG Gustavo |
|
05.09.2015, 19:15
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Online-Banking-Account gesperrt - Verdacht auf Trojaner Nö, manche sind echt angepisst wenn ein Fehlalarm so interpretiert wird, dass man dann bestimmte Dinge nicht mehr machen darf  FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter EmptyTemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.09.2015, 19:28
| #13 |
| | Online-Banking-Account gesperrt - Verdacht auf TrojanerCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-09-2015
durchgeführt von HP (2015-09-05 20:19:20) Run:1
Gestartet von C:\Users\HP\Desktop
Geladene Profile: HP (Verfügbare Profile: HP)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
EmptyTemp:
*****************
EmptyTemp: => 2.1 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 20:23:29 ====
__________________ ___________ MfG Gustavo |
|
05.09.2015, 20:07
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Online-Banking-Account gesperrt - Verdacht auf Trojaner Okay, dann Kontrollscans mit MBAM und ESET bitte: Downloade Dir bitte  Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.09.2015, 00:41
| #15 |
| | Online-Banking-Account gesperrt - Verdacht auf Trojaner Hier mal mbam: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 05.09.2015 Suchlaufzeit: 21:13 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.09.05.05 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: HP Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 385981 Abgelaufene Zeit: 11 Min., 16 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) So, fertig: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=59320853e158d741b9d35fae7512d5d8
# end=init
# utc_time=2015-09-05 07:30:50
# local_time=2015-09-05 09:30:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25622
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=59320853e158d741b9d35fae7512d5d8
# end=updated
# utc_time=2015-09-05 07:33:39
# local_time=2015-09-05 09:33:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=59320853e158d741b9d35fae7512d5d8
# engine=25622
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-05 09:37:49
# local_time=2015-09-05 11:37:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2122689 66370362 0 0
# scanned=626908
# found=9
# cleaned=0
# scan_time=7450
sh=3E37507BBD4C0287689634B2CDD77E59679681AF ft=1 fh=cbd9e88b633aff58 vn="Win32/Toolbar.Conduit.AP evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Vuze\.install4j\user\mism.exe"
sh=273A2A936AEC8B68DE2329EF69996F616B0D757E ft=1 fh=6e75ff11b16007d4 vn="NSIS/StartPage.CC Trojaner" ac=I fn="C:\Users\HP\Downloads\vlc-2.1.3-win64.exe"
sh=C0E28878041F7708BC82DD28153719E88A91C1BA ft=1 fh=0e746c2d3c3fdba6 vn="Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\HP\SkyDrive\Ascentronic\GRID32.OCX-Reparaturprogramm-WinThruster.exe"
sh=809DE1269F85B8482468EFF48295D4D01D4333C5 ft=1 fh=f64f4ef20801cba0 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Programme\Flash\Setup_FreeFlvConverter.exe"
sh=FDEF8FB6E2EC329B2CA1CEF62AAAA39318D9A485 ft=1 fh=eaa9c73edc9f4b14 vn="Variante von Win32/KeyLogger.AllInOneKeylogger.N Anwendung" ac=I fn="D:\Eigene Programme\keylogger\keysetup.exe"
sh=2B4C76FAB20FEB381900C0B7A37A4D218D251541 ft=1 fh=08a626ee2fab186e vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Programme\Windows\Media Player Codec Pack\SoftonicDownloader82694.exe"
sh=606FB9BD738CAD596F9A1FA298C93A453E847F30 ft=1 fh=b3c25e2839ca0a43 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Programme\Windows\Windows Media Player 12 Codecs\win8codecs_v157.exe"
sh=243DCF532CB0DFF35B0525C4B16FCA77FFF4CC9E ft=1 fh=335fdff8ca918379 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Programme\Windows\Windows Media Player 12 Codecs\Win8x64Components_v157.exe"
sh=BAC218679E7FC13628A0B74BF9781D4AC9C1AE19 ft=1 fh=3b376e16481d5c73 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="D:\Eigene Programme\Youtube\FreeVideoToFlashConverte_5.0.23.320.exe"
__________________ ___________ MfG Gustavo |
|
| Themen zu Online-Banking-Account gesperrt - Verdacht auf Trojaner |
| .com, asus, avira, bitcoin, desktop, dnsapi.dll, einstellungen, fehler, gesperrt, google, infizierte, löschen, modul, problem, programm, prozesse, pua/installcore.gen, registry, rundll, services.exe, software, svchost.exe, system, trojaner, warnung, windows, winlogon.exe, wuauclt.exe, xperia |
