Ständiger Befall von unerwünschten Programmen und Treiberprobleme unter Windows 7

deeprybka · 19.11.2015, 10:11

Hallo, das ist jetzt doch interessanter als erwartet.

Fragen:
Hast Du diese Email mit der "Mahnung" noch?
Welche dll meckert Kaspersky an? Bitte Log oder Screenshot posten.
Der PC wurde in der Zwischenzeit nur im abgesicherten Modus gestartet?
Hast Du einen zweiten PC von dem Du etwas downloaden könntest?
Hast Du noch etwas Zeit um das Problem zu lösen oder möchtest Du neuinstallieren?

Thorstie · 19.11.2015, 11:57

Hallo, das ist jetzt doch interessanter als erwartet.

-> Hi, ich dachte mir schon das ich ein Sonderfall bin ist normal bei mir!

Fragen:
Hast Du diese Email mit der "Mahnung" noch?

-> Nein das Teil habe ich direkt gelöscht. Ich wußte gleich was ich falsch gemacht hab.

Welche dll meckert Kaspersky an? Bitte Log oder Screenshot posten.

-> Im Moment gar keine mehr. Bis vor 2 Tagen hat er auch immer wieder .exe Dateien gefunden die schädlich waren/bzw. sind.

Der PC wurde in der Zwischenzeit nur im abgesicherten Modus gestartet?

-> jaein

Hast Du einen zweiten PC von dem Du etwas downloaden könntest?

-> ja gar kein Problem!

Hast Du noch etwas Zeit um das Problem zu lösen oder möchtest Du neuinstallieren?

-> Ja hab ich bitte nicht neuinstallieren

deeprybka · 19.11.2015, 12:12

OK.
Vielleicht bin ich schon "trojanerblind" aber muss mir das nochmal in Ruhe genau anschauen.

Poste Dir am Abend neue Anweisungen.

Jetzt bitte mal Combofix im NormalBoot (!) laufen lassen. Kaspersky Echtzeitschutz vorher deaktivieren. Combofix auf den Desktop runterladen.

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Thorstie · 19.11.2015, 14:11

Code:

ATTFilter

ComboFix 15-11-17.01 - Thorsten 19.11.2015  13:38:02.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.12230.9597 [GMT 1:00]
ausgeführt von:: c:\users\Thorsten\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
FW: Kaspersky Internet Security *Disabled* {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
SP: Kaspersky Internet Security *Disabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Thorsten\AppData\Roaming\993
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-10-19 bis 2015-11-19  ))))))))))))))))))))))))))))))
.
.
2015-11-19 12:50 . 2015-11-19 12:50	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-11-19 11:05 . 2015-11-19 11:05	--------	d-----w-	c:\users\Thorsten\AppData\Roaming\glonass-0
2015-11-19 06:37 . 2015-11-19 12:52	94656	----a-w-	c:\windows\system32\WPRO_41_2001woem.tmp
2015-11-19 06:37 . 2015-11-19 11:05	--------	d-----w-	c:\programdata\oyn
2015-11-18 18:20 . 2015-11-18 18:20	--------	d-----w-	c:\users\Thorsten\AppData\Roaming\quark-0
2015-11-18 18:18 . 2015-11-18 18:18	--------	d-----w-	c:\programdata\median-72
2015-11-17 06:41 . 2015-11-17 06:41	--------	d-----w-	c:\programdata\Malwarebytes
2015-11-17 06:41 . 2015-10-20 03:33	11140960	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE16EA4E-3FC4-4367-A159-9BF44C24462D}\mpengine.dll
2015-11-15 18:58 . 2015-11-15 18:58	--------	d-----w-	C:\TDSSKiller_Quarantine
2015-11-15 14:51 . 2015-11-19 06:33	--------	d-----w-	C:\FRST
2015-11-12 06:54 . 2015-11-03 17:55	3211264	----a-w-	c:\windows\system32\win32k.sys
2015-11-09 18:30 . 2015-11-09 18:30	--------	d-----w-	c:\windows\SysWow64\%Data%
2015-11-05 07:50 . 2015-11-08 11:28	--------	d---a-w-	C:\Kaspersky Rescue Disk 10.0
2015-11-02 06:42 . 2015-11-02 06:42	--------	d-----w-	c:\users\Thorsten\AppData\Local\ESN
2015-11-02 06:42 . 2015-11-02 06:42	--------	d-----w-	c:\program files (x86)\Battlelog Web Plugins
2015-11-01 21:48 . 2015-11-19 11:09	348360	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-11-01 21:48 . 2015-11-02 06:45	76152	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2015-11-01 18:39 . 2015-11-01 18:43	--------	d-----w-	c:\program files (x86)\Origin Games
2015-11-01 18:38 . 2015-11-02 06:42	--------	d-----w-	c:\users\Thorsten\AppData\Local\Origin
2015-10-30 16:54 . 2015-10-31 17:19	--------	d-----w-	c:\users\Thorsten\AppData\Roaming\inrush-56
2015-10-27 23:02 . 2015-10-03 02:18	102520	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-10-27 18:51 . 2015-11-19 11:09	348360	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2015-10-27 18:09 . 2015-10-27 18:09	--------	d-----w-	c:\programdata\Kaspersky Lab Setup Files
2015-10-27 15:03 . 2015-10-27 15:03	--------	d-----w-	c:\windows\SysWow64\config\systemprofile\.oracle_jre_usage
2015-10-27 12:20 . 2013-05-06 07:13	110176	----a-w-	c:\windows\system32\klfphc.dll
2015-10-27 12:20 . 2015-10-27 12:20	--------	d-----w-	c:\windows\ELAMBKUP
2015-10-27 12:20 . 2015-11-19 12:52	--------	d-----w-	c:\programdata\Kaspersky Lab
2015-10-27 12:20 . 2015-10-27 18:13	--------	d-----w-	c:\program files (x86)\Kaspersky Lab
2015-10-27 12:20 . 2015-10-27 12:40	940936	----a-w-	c:\windows\system32\drivers\klif.sys
2015-10-27 12:20 . 2015-10-27 12:40	181640	----a-w-	c:\windows\system32\drivers\klflt.sys
2015-10-26 12:06 . 2015-10-26 12:06	--------	d-----w-	c:\users\Thorsten\AppData\Local\4r50
2015-10-26 11:44 . 2015-10-27 06:40	--------	d-----w-	c:\users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 16:52 . 2015-10-25 16:52	--------	d-----w-	c:\users\Thorsten\AppData\Roaming\z86
2015-10-25 16:52 . 2015-10-25 16:52	--------	d-----w-	c:\users\Thorsten\AppData\Local\9u92
2015-10-25 09:01 . 2015-10-25 09:04	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-19 12:52 . 2015-02-28 08:01	34752	----a-w-	c:\windows\system32\drivers\WPRO_41_2001.sys
2015-11-19 11:09 . 2015-02-19 20:43	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2015-11-11 08:23 . 2015-02-19 10:17	145617392	----a-w-	c:\windows\system32\MRT.exe
2015-11-06 17:54 . 2015-03-07 07:12	32320	----a-w-	c:\windows\system32\drivers\FNETTBOH_305.SYS
2015-10-27 18:48 . 2015-02-27 07:50	780488	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-27 18:48 . 2015-02-27 07:50	142536	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-27 12:40 . 2015-06-08 18:43	41352	----a-w-	c:\windows\system32\drivers\klpd.sys
2015-10-27 12:39 . 2015-07-04 01:18	227000	----a-w-	c:\windows\system32\drivers\klhk.sys
2015-10-20 00:45 . 2015-11-11 07:04	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-10-13 10:24 . 2015-10-13 10:24	4587520	----a-w-	c:\windows\SysWow64\GPhotos.scr
2015-10-12 03:05 . 2015-02-28 00:01	1423304	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-10-12 03:05 . 2015-02-28 00:01	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-10-12 03:04 . 2015-02-28 00:01	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-10-12 03:04 . 2015-02-28 00:01	1710752	----a-w-	c:\windows\system32\nvspcap64.dll
2015-10-03 05:06 . 2015-09-25 17:40	15002304	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2015-10-03 05:06 . 2015-02-28 00:06	112944	----a-w-	c:\windows\system32\OpenCL.dll
2015-10-03 05:06 . 2015-02-28 00:06	105080	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-10-03 05:06 . 2015-02-28 00:06	3573832	----a-w-	c:\windows\system32\nvapi64.dll
2015-10-03 05:06 . 2015-02-28 00:06	3154104	----a-w-	c:\windows\SysWow64\nvapi.dll
2015-10-03 05:06 . 2015-02-28 00:06	17395512	----a-w-	c:\windows\system32\nvwgf2umx.dll
2015-10-03 05:06 . 2015-02-28 00:06	12769408	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-10-03 02:49 . 2015-02-28 00:06	6358648	----a-w-	c:\windows\system32\nvcpl.dll
2015-10-03 02:49 . 2015-02-28 00:06	2982520	----a-w-	c:\windows\system32\nvsvc64.dll
2015-10-03 02:49 . 2015-02-28 00:06	938800	----a-w-	c:\windows\system32\nvvsvc.exe
2015-10-03 02:49 . 2015-02-28 00:06	62768	----a-w-	c:\windows\system32\nvshext.dll
2015-10-03 02:49 . 2015-02-28 00:06	385328	----a-w-	c:\windows\system32\nvmctray.dll
2015-10-03 02:49 . 2015-02-28 00:06	2554488	----a-w-	c:\windows\system32\nvsvcr.dll
2015-10-01 18:06 . 2015-10-14 05:28	692672	----a-w-	c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 05:28	616360	----a-w-	c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 05:28	63488	----a-w-	c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 05:28	59392	----a-w-	c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 05:28	32768	----a-w-	c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 05:28	17920	----a-w-	c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 05:28	147456	----a-w-	c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 05:28	50688	----a-w-	c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 05:28	61440	----a-w-	c:\windows\system32\drivers\appid.sys
2015-10-01 09:33 . 2015-02-28 00:06	5284082	----a-w-	c:\windows\system32\nvcoproc.bin
2015-09-28 05:40 . 2015-02-21 13:14	97888	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-09-14 00:29 . 2015-09-25 17:40	1898288	----a-w-	c:\windows\system32\nvdispco6435598.dll
2015-09-14 00:29 . 2015-09-25 17:40	1558832	----a-w-	c:\windows\system32\nvdispgenco6435598.dll
2015-09-02 03:04 . 2015-09-14 05:34	41984	----a-w-	c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-14 05:34	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-14 05:34	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-14 05:34	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-14 05:34	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-14 05:34	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-14 05:34	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-14 05:34	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-09-02 01:47 . 2015-09-14 05:34	372736	----a-w-	c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-14 05:34	299520	----a-w-	c:\windows\SysWow64\atmfd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	198464	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"="c:\users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-17 134512]
"MyComGames"="c:\users\Thorsten\AppData\Local\MyComGames\MyComGames.exe" [2015-11-16 4532680]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2015-11-12 3638256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-09-11 133408]
"XFastUSB"="c:\program files (x86)\XFastUSB\XFastUsb.exe" [2015-02-28 5021448]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
"FireStormStartUpAutoRun"="c:\program files (x86)\ZotacFireStorm\FireStorm.exe" [2015-07-01 24279040]
"ProductUpdater"="c:\program files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe" [2015-06-17 62464]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
.
c:\users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 36713096]
quark-08.lnk - c:\users\Thorsten\AppData\Roaming\quark-0\quark-2.exe [2015-11-18 579584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Kaspersky Software Updater Beta.lnk - c:\program files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe -hide [2015-6-1 1394848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AVP16.0.0;Kaspersky Anti-Virus Service 16.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
R3 AxtuDrv;AxtuDrv;c:\windows\SysWOW64\Drivers\AxtuDrv.sys;c:\windows\SysWOW64\Drivers\AxtuDrv.sys [x]
R3 CM_VENDER_CMD;CM_VENDER_CMD;c:\program files\Common Files\Logitech\G430Install\CMVC64.sys;c:\program files\Common Files\Logitech\G430Install\CMVC64.sys [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
R3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 vssbrigde64;vssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-27 18:48]
.
2015-11-19 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
- c:\users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 17:30]
.
2015-11-19 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
- c:\users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 17:30]
.
2015-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28 08:07]
.
2015-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28 08:07]
.
2015-11-19 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
2015-11-19 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46	236352	----a-w-	c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-13 12936848]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2015-02-26 13318424]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-08-13 170256]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
SafeBoot-66925414.sys
Toolbar-10 - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
@DACL=(02 0000)
"ExcludeProfileDirs"="AppData\\Local;AppData\\LocalLow;$Recycle.Bin"
"BuildNumber"=dword:00001db1
"FirstLogon"=dword:00000000
"ParseAutoexec"="1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-11-19  14:08:58 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-11-19 13:08
.
Vor Suchlauf: 19 Verzeichnis(se), 96.557.965.312 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 96.037.908.480 Bytes frei
.
- - End Of File - - A84EC167FDB6CF07E7EBFBE2E4204C50

Danke schonmal für die ganze Mühe

deeprybka · 19.11.2015, 18:01

Hallo,
bitte folgendes machen (Normalmodus):

Schritt 1
Downloade Dir

Process Explorer auf Deinen Desktop und entpacke die zip-Datei.

Rechtsklick auf das Icon und als Administrator starten.
Akzeptiere die Lizenzbedingungen.
Klicke auf Options und aktiviere "check for virustotal.com".
Bestätige die Nutzungsbedingungen und warte auf die Resultate.
Erstelle einen Screenshot der Prozesse und poste ihn hier. (Achte bitte darauf, dass alle Prozesse auf dem Bild enthalten sind)

Schritt 2
Download von

ZOEK (by Smeenk)

Speichere die zoek.exe auf dem Desktop.
Bitte deaktiviere während der Verwendung von Zoek Deinen Virenscanner, da dieser Zoek stören könnte.
Starte die zoek.exe mit einem Doppelklick und warte bis die Programmoberfläche erscheint (ca. 30 Sekunden)

Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:

Code:

ATTFilter

filesrcm;
C:\ProgramData;m3f
C:\users\Thorsten\AppData\Roaming;m3f
C:\Users\Thorsten\AppData\Roaming\debounce-2\debounce-58.exe;virustotal
C:\Users\Thorsten\AppData\Roaming\battery-16\battery-7.exe;virustotal 
C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe;virustotal

Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.

Zitat:

Zoek.exe is running now.
Do not start any browser windows, they may get closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter C:\
Bitte poste mir das zoek-results.log.

Thorstie · 19.11.2015, 19:46

Hier mal der Anhang als PDF! Das müßte die Prozesse zeigen! Hoffe ich

Thorstie · 19.11.2015, 19:57

Code:

ATTFilter

Zoek.exe v5.0.0.1 Updated 19-November-2015
Tool run by Thorsten on 19.11.2015 at 19:49:06,15.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Thorsten\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

19.11.2015 19:50:13 Zoek.exe System Restore Point Created Successfully.

==== VirusTotal Scan ======================
 
C:\Users\Thorsten\AppData\Roaming\debounce-2\debounce-58.exe not found
C:\Users\Thorsten\AppData\Roaming\battery-16\battery-7.exe not found
C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-11-19 12:36:15	F042EE4C8D66248D9B86DCF52ABAE416	256000	----a-w-	C:\Windows\PEV.exe
2015-11-19 12:36:15	9E05A9C264C8A908A8E79450FCBFF047	80412	----a-w-	C:\Windows\grep.exe
2015-11-19 12:36:15	5E832F4FAF5F481F2EAF3B3A48F603B8	68096	----a-w-	C:\Windows\zip.exe
2015-11-19 12:36:15	0297C72529807322B152F517FDB0A9FC	406528	----a-w-	C:\Windows\SWSC.exe
2015-11-19 12:36:15	0277C027A26428DB64EF4F64F52BB4FD	208896	----a-w-	C:\Windows\MBR.exe
====== C:\Users\Thorsten\AppData\Local\Temp ====
2015-11-19 17:35:09	ECA3AE15FC14FF9736F637143F4C5A96	71168	----a-w-	C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6ixhcl.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-11-11 07:04:57	D714B7F77DB7E1D81CBFCE8DDCDCC5FE	566784	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-11-11 07:04:56	F1BAAC5C7B35968EFAB7C21C32ECBB28	93696	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-11-11 07:04:56	B35154CD5A10368ED3DB277BB38012B3	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-11-11 07:04:56	5670A441F06AE04D2B587D1BD2DC1DC0	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-11-11 07:04:56	1E643C501E621F91776F9F9AC226FADF	174080	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 07:04:49	912EBD61017559C8163FAF3C1F54AD00	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 07:04:49	68BF7EB3D428C57528E2D134B34512F1	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 07:04:49	14A7260EAD6FAA708DA57E3C6E27A0E4	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 07:04:48	91220E779EDE9C3511C42ECDAA58192B	504832	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-11-11 07:04:48	5FA5FD8DCE9BC04D87A17D0E335388CF	130048	----a-w-	C:\Windows\SysWOW64\occache.dll
2015-11-11 07:04:48	25E81C8C9AE6251F472AD3677DE829E0	1311744	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-11-11 07:04:48	1840A7632E1E6EC26762D460F6D1B0E2	342728	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 07:04:48	035F1154B50CE7CAFB60405D83F13A78	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 07:04:47	D49701891D475F61B23BA4DBEF6E71EC	20331520	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-11-11 07:04:47	2F898AFA929824861737488746FD5B47	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 07:04:47	00F600046B58D98631487A8AADC7C200	279040	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 07:04:46	8C3D651836C2E9AADFAA47C5C25CF4D4	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 07:04:45	9A555780545211BD2DD89575088C39F4	2279936	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-11-11 07:04:45	8F13B52696EB7B0D24039E5CB24C088F	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 07:04:45	7FA7A377F32A3D8F2EE4128CF127EB93	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 07:04:45	4BFA8AD57A5ED4508981732F862738EA	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-11-11 07:04:44	ECB3E36B098F8C9BE9DFD6CF38BDBE69	663552	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-11-11 07:04:44	D74C3DAD496F59FAFB9BAF3C24EAAB2F	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 07:04:44	4484B41D0A3F07D71BBCB4DB5C426302	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 07:04:43	9101F70E34D3E28E63299A105B7F12C4	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-11-11 07:04:43	8C9EB49AA5E016500D3C29A59ED52345	416256	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 07:04:43	7B2F5324F28C71D69BC087E27B0BE7AE	12854272	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-11-11 07:04:43	4E84DCAF706E3447951212CFFE2A7B84	480256	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-11-11 07:04:39	832CA97817B20B74E2D74A8154630311	2011136	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-11-11 07:04:39	8215390B06602AC1FDA702CD74A7250C	230400	----a-w-	C:\Windows\SysWOW64\webcheck.dll
2015-11-11 07:04:39	5AAEB88DF7F09677E9C8C849D4915132	4527616	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-11-11 07:04:39	4D20D5ACB439DA837E4329F28C35ADA1	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 07:04:39	1179043BBB3D0C8826D8BF8615A34EB6	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 07:04:38	BCC36AC2241B092E30E0F47B62D7C4EA	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-11-11 07:04:38	68647B5AB71ABB5130CCA4FA55EFB0BD	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-11-11 07:04:22	A860CAA340D18B2CB7B93A9C67FDDB49	3935680	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 07:04:22	8DE94E8213ABE0F7C5154507305779A0	223232	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 07:04:22	64AD529B85D7E856F9A4FFF9C809E693	3991488	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 07:04:22	63F52FF6FCA2C492F4FB7EE545319FA8	251000	----a-w-	C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 07:04:22	0DD296312E531C6E0BF1AB7F2C092801	251392	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-11-11 07:04:22	05D37C4742B32B37ED953631B7B0A7A9	552960	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-11-11 07:04:21	C661D1599DA67BD411479A2C53058DE4	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-11-11 07:04:21	BA00A2FCB86D084F3E8F7D88EC85E216	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-11-11 07:04:21	A748DEC93B4E8C9DDE11B79FB6E97088	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-11-11 07:04:21	9FDCF3A01849F24625DE831C7749F080	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 07:04:21	73F97CF58D1EF42F49B696951BDE6081	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 07:04:21	50D21D408B0FD40019A6EACF94A62ACF	1311768	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-11-11 07:04:20	F357AE37073472DD0288B579B0B3E005	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 07:04:20	CFF504AD277328CE10BE56D76297FDAC	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 07:04:20	8A6DE61B5797F03F4E0BB62F467F4854	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-11-11 07:04:20	7B23D23E2F9D51F700BFDD5B5FCAE30A	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-11-11 07:04:20	5D369C45F0D2A993CCDC6BD160793822	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 07:04:20	58ABF51E9107661559B801B07011202D	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-11-11 07:04:20	553F7D05AE3E2EC2EDE06416901F5803	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 07:04:20	4166C05FA57548E6518D7EE20896C0A5	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-11-11 07:04:20	3B6668958DD782D37731EBF4ADA050CF	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-11-11 07:04:20	1D0826DF3F439FECBA99772D0A939A28	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-11-11 07:04:20	1C9E00CA0D823DC672017D8AB92DBC2A	36864	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 07:04:20	1690F4F1807AEC79CF4B6DEF34C366C0	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-11-11 07:04:20	000D8B84E09CC73472945560D411BDAC	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-11-11 07:04:19	CC668F6D0C6F76398AF840C3C0048D93	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-11-11 07:04:19	A2911E5C4BA462F2BD4129418A00449A	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-11-11 07:04:19	7A8070653B42E81F8EFD19054B67C764	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-11-11 07:04:11	6EAA9E88F7985BFA94F10A53725D3AA3	216064	----a-w-	C:\Windows\SysWOW64\InkEd.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-11-19 06:37:48	8265CD5C67D0A35DFC40F3D1A8AC994C	94656	----a-w-	C:\Windows\Sysnative\WPRO_41_2001woem.tmp
2015-11-12 06:54:56	92C729B1A03F8B55A68597A50394FB76	3211264	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-11-11 07:04:57	C64959F2D2EE6EDB96916902962D48B9	696320	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-11-11 07:04:57	4AA4838D59A51B3B5A6C2BFC2092FDEC	3168768	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-11-11 07:04:57	361845875ED8ED13086E7F37265C45DA	2608128	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-11-11 07:04:56	F62A6979E13872D744BA69F4F78109B8	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-11-11 07:04:56	CDBE532602413E7FB0C395024749C7AA	140288	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-11-11 07:04:56	B2AA75E472BAB24818915342E44FF2AD	98816	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-11-11 07:04:56	9D3A6E1660B3D6BF63E83A901D1109BB	37888	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-11-11 07:04:56	500B7A762291EC4EE4B445337956BDBC	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-11-11 07:04:56	3E89AD28893A8E9C1F01D2A162C7D457	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-11-11 07:04:56	24E1CD4E823628943540A63187AC282E	192512	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-11-11 07:04:56	246FD89B6B5521AD2CE1C560D666BAD7	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-11-11 07:04:49	65075CAC90824B720E9EB0C6663CE157	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-11-11 07:04:49	478DD45708B600245916A2A0F81FE7C9	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-11-11 07:04:48	CD59055A66EF5DFA3D5EFA2D29B14B0B	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-11-11 07:04:48	95F3687EF1486833AC713A23C671B397	720896	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-11-11 07:04:48	6686B946B973BA1C3B226A95D4E63D8E	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-11-11 07:04:48	1067787EC9DAD6D084306C6795BC409A	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-11-11 07:04:45	E4FB4DE391BB2BFBC5C30BBD519C83BE	152064	----a-w-	C:\Windows\Sysnative\occache.dll
2015-11-11 07:04:45	2BE29ECF17FFCE762C1E3E21EFF06174	390344	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-11-11 07:04:45	08D283FD8FEC1B45932783E8640C700F	1547264	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-11-11 07:04:44	CA0F3F16FC677701DFF1087A58B6F5B4	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-11-11 07:04:43	E78DD040D2786BFAF5DED3BC12B438EE	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-11-11 07:04:43	DC1AE8930979FCDC137F44B848556439	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-11-11 07:04:43	806A6CA05B4F1F69C84B871406C2D21D	315392	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-11-11 07:04:42	7E11CF5F472AEDD0D2BE3274FE709CF4	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-11-11 07:04:41	423072B7A458E1B274812796721197BE	2126336	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-11-11 07:04:41	1275AFB2B4E55172F0AE939311F95468	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-11-11 07:04:40	B9DFC06F70545E14A0704698FBD9F926	2886656	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-11-11 07:04:39	5EE8E2E6BFFC9DA9D816A62B904116CD	585728	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-11-11 07:04:39	1837B220558BB96AAB5B95F1BB89BE99	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-11-11 07:04:38	0C7CFA5A099A591A2B7CB2557F0AF1C1	489984	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-11-11 07:04:37	EC72BB355FB8E34B3D4F6140F6795348	616960	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-11-11 07:04:37	1DF0E083D4D067B5798504CC3009F21C	14457856	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-11-11 07:04:36	C4E8F3E26E7FFB4F85FBAC880BB3385C	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-11-11 07:04:36	93CA9F81806793E79635D1B6CE4C10BA	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-11-11 07:04:36	81529B486E446717F7F782D8AB18FC93	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-11-11 07:04:35	FBF2564A3F45F69A5D56D30129635691	817664	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-11-11 07:04:35	F2292865E0C8BCA069BB3F0BBB069265	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-11-11 07:04:35	7EFA2CD22DB05CBC41FF77E16431EF3B	5990912	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-11-11 07:04:35	5698DE88DA9C901E92651394ACBFB34D	262144	----a-w-	C:\Windows\Sysnative\webcheck.dll
2015-11-11 07:04:34	033E70DEEE5FED5E9A3E197A2DB1A618	2487808	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-11-11 07:04:33	E35836459E1FFFA011F4716A5B826966	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-11-11 07:04:33	CDCCDC0CA9E094E9CE4EB0ECD970D77A	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-11-11 07:04:33	99E634291C35D8281A772817AA40CD51	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-11-11 07:04:32	67D3A8E2F5DECD6B6F7194BBF58696E6	25818624	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-11-11 07:04:23	6D1CF2634A2EB33D3FCED43D96621FCC	5570496	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-11-11 07:04:23	48078433D1EF32AAA41FCB8109C5F3DC	729600	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-11-11 07:04:22	BA6F0BC094ABBB9EFA3BB636D032C403	299632	----a-w-	C:\Windows\Sysnative\bcryptprimitives.dll
2015-11-11 07:04:22	386BF677B78B66AABBA92C0FCA0579A6	1164800	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-11-11 07:04:22	2068233A1C249B9FADF0690AC4C951D9	312320	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-11-11 07:04:22	08A922374554BA576F96FD3FDFE66964	344064	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-11-11 07:04:21	FF41063E45C6238CAF48CBE6D0D6FC4B	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-11-11 07:04:21	FA15610B77877F2BB2AC5D32277CE82B	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-11-11 07:04:21	F5AA5787F8B4E7200D1BF9171BED3AF0	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-11-11 07:04:21	DF3FD4579118D6F13FE725CDB4F1F93E	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-11-11 07:04:21	CC4E8485336604846E50D28897AAE67F	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-11-11 07:04:21	998C50530F44CE2900779CE7FF6B205E	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-11-11 07:04:21	9066AE964D95B1ABC999CED271556A7C	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-11-11 07:04:21	6818F2C2E6656E48D38951D753097797	1730496	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-11-11 07:04:21	4494B06139E8EE6D19FC2BFD0955BCD6	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-11-11 07:04:21	3716E2771C713387C8E8E2CAD170B2B6	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-11-11 07:04:21	2BC45F4CF55B45BDD650828192F132B8	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-11-11 07:04:21	27339655781D5F4C9995FC5202F1F239	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-11-11 07:04:21	1AE4881BAA7C3DE4D9EC8EA38A3F6BCC	1216512	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2015-11-11 07:04:21	1A05FB05E701A9D65EB42656CF46D173	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-11-11 07:04:21	0EA14EE0C4B1DA2447E36FD3E183C015	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-11-11 07:04:21	079317396D1E4F9EE8E745DF5C2372DD	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-11-11 07:04:20	EED57582155969AA51789268FE41E254	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-11-11 07:04:20	A10B9876772F1AB83DEC50EE9B0696B7	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-11-11 07:04:20	95F7494638D489665CB1C172D62FC872	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-11-11 07:04:20	926F7A2F153F004D492C0B8CC105AC2E	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-11-11 07:04:20	9102E19E45AEDE6077023CF2945261F3	44032	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2015-11-11 07:04:20	60F8ECF4FCE0DDEC8D6E3E2E987867A4	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-11-11 07:04:20	286A1E8B06EE3E8E06176010C41988B2	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-11-11 07:04:20	20592BDF5A368B43BEF086DC61C6863D	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-11-11 07:04:20	1CE982CF943680F776F46D6F9F53642F	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-11-11 07:04:20	105B82E40B82A5B5A140969099FE3FAF	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-11-11 07:04:19	EB618353B1F34E790952982A226AFFB2	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-11-11 07:04:19	700E5B0452B1B2CE1AD23F1557995FF9	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-11-11 07:04:19	6F4AAA80DBB19CE945389FFEA43C1BA1	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-11-11 07:04:11	806E52CF244371661A7079A8A769B00B	275456	----a-w-	C:\Windows\Sysnative\InkEd.dll
2015-11-11 07:04:11	663D10339325743941089DF3AE47B2C4	24576	----a-w-	C:\Windows\Sysnative\jnwmon.dll
====== C:\Windows\Sysnative\drivers =====
2015-11-11 07:04:22	EC0511BB85BAA42A9734011685A6732C	460776	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-11-11 07:04:22	33D52A96BEEE8AFCE9E07EEC9FE0C9DB	154560	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-11-11 07:04:21	BCC83F22805F560C8A487F2F296A78FE	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-11-11 07:04:20	ACB763673BCCE6C7B3B8F858C9FE4F1F	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-11-11 07:04:20	7C81098FBAF2EAF5B54B939F832B0F61	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-11-11 07:04:20	73ADDCC406B86E7DA4416691E8E74BDA	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-11-11 07:04:14	AA77EB517D2F07A947294F260E3ACA83	118272	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
2015-11-11 07:04:14	9A4A1EEE802BF2F878EE8EAB407B21B7	497664	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
2015-11-11 07:04:12	F7309F42555F8AAB7144A51A1F2585B0	950720	----a-w-	C:\Windows\Sysnative\drivers\ndis.sys
2015-10-27 23:01:08	36BAB895547EA82892292F05FA02142E	11114616	----a-w-	C:\Windows\Sysnative\drivers\nvlddmkm.sys
2015-10-27 12:20:18	DE7D2DEDE9C9D5219AA439172BA8D21C	181640	----a-w-	C:\Windows\Sysnative\drivers\klflt.sys
2015-10-27 12:20:18	11586A6A85FF124F53E1435A34DD1707	940936	----a-w-	C:\Windows\Sysnative\drivers\klif.sys
====== C:\Windows\Tasks ======
2015-10-27 18:48:54	8A6668CCF52F5C520BD369ED9390B171	884	----a-w-	C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 18:48:54	5F6FD71269E1CDBD1CE89AA464D1E9CF	3822	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-11-02 06:42:58	--------	d-----w-	C:\PROGRA~2\Battlelog Web Plugins
2015-11-01 18:39:25	--------	d-----w-	C:\PROGRA~2\Origin Games
2015-10-27 12:20:27	--------	d-----w-	C:\PROGRA~2\Kaspersky Lab
2015-10-25 09:01:29	--------	d-----w-	C:\PROGRA~2\Mozilla Thunderbird
======= C: =====
====== C:\Users\Thorsten\AppData\Roaming ======
2015-11-19 18:15:24	--------	d-----w-	C:\Users\Thorsten\AppData\Roaming\vctxo-41
2015-11-19 13:09:26	--------	d-----w-	C:\Users\Public\AppData\Local\temp
2015-11-19 13:09:26	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2015-11-19 13:09:26	--------	d-----w-	C:\Users\Default User\AppData\Local\temp
2015-11-19 11:05:12	--------	d-----w-	C:\Users\Thorsten\AppData\Roaming\glonass-0
2015-11-18 18:20:00	--------	d-----w-	C:\Users\Thorsten\AppData\Roaming\quark-0
2015-11-12 06:36:25	--------	d-----w-	C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-02 06:42:59	--------	d-----w-	C:\Users\Thorsten\AppData\Local\ESN
2015-11-01 18:38:57	--------	d-----w-	C:\Users\Thorsten\AppData\Local\Origin
2015-10-30 16:54:00	--------	d-----w-	C:\Users\Thorsten\AppData\Roaming\inrush-56
2015-10-26 12:06:53	--------	d-----w-	C:\Users\Thorsten\AppData\Local\4r50
2015-10-26 11:44:31	--------	d-----w-	C:\Users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 16:52:26	--------	d-----w-	C:\Users\Thorsten\AppData\Roaming\z86
2015-10-25 16:52:26	--------	d-----w-	C:\Users\Thorsten\AppData\Local\9u92
====== C:\Users\Thorsten ======
2015-11-19 18:12:41	--------	d-----w-	C:\ProgramData\digipot-5
2015-11-19 17:38:17	--------	d-----w-	C:\ProgramData\rs232-0
2015-11-19 13:09:26	--------	d-----w-	C:\Users\Public\AppData
2015-11-19 06:37:48	--------	d-----w-	C:\ProgramData\oyn
2015-11-17 17:09:00	87A629D7463BCEB2A02CA143EB2DEFF8	2870984	----a-w-	C:\Users\Thorsten\Downloads\esetsmartinstaller_deu.exe
2015-11-17 06:40:48	49E3825ACB348F848D9B841E4D48FD3B	22908888	----a-w-	C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-15 18:09:28	0170A4503F85F2D7ABCBEF0419B1C35A	4404952	----a-w-	C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 14:50:50	DF25A498414BCF82EA389CE2DDC3839B	2008576	----a-w-	C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-01 21:48:52	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 18:37:42	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-10-27 18:13:58	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 18:09:45	--------	d-----w-	C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 15:03:01	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\.oracle_jre_usage
2015-10-27 12:20:27	--------	d-----w-	C:\ProgramData\Kaspersky Lab

====== C: exe-files ==
2015-11-19 18:36:58	9D8A4379868618F46677DBF2B94C800A	2508432	----a-w-	C:\Users\Thorsten\Desktop\Process\procexp.exe
2015-11-19 18:17:25	BD54CFC858CEB63AE4912EC0A462296C	6874568	----a-w-	C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\Packages\000082f8\DAO.20185103.exe
2015-11-19 18:17:25	9169835679E4F0964AA711BA00CD3D6D	594832	----a-w-	C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\Packages\000082f0\CoProc update.20184769.exe
2015-11-19 18:15:24	10A85C4FC4C7FC164DD5E05878DA4A43	578048	------w-	C:\Users\Thorsten\AppData\Roaming\vctxo-41\vctxo-62.exe
2015-11-19 18:12:41	FC82DCCA97F786CDE8A4943A6B2C36CC	578048	------w-	C:\ProgramData\digipot-5\digipot-57.exe
2015-11-19 17:38:17	F2C2E154EA0E87429A79D4A1A2C1C4C1	657408	------w-	C:\ProgramData\rs232-0\rs232-0.exe
2015-11-19 13:39:38	9481BC5038CF2B8BC9622D74E25FD7A8	630200	----a-w-	C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-11-19 13:39:34	A71115CB47AE13083515819AD674A013	172984	----a-w-	C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-11-19 12:36:15	F042EE4C8D66248D9B86DCF52ABAE416	256000	----a-w-	C:\Windows\PEV.exe
2015-11-19 12:36:15	9E05A9C264C8A908A8E79450FCBFF047	80412	----a-w-	C:\Windows\grep.exe
2015-11-19 12:36:15	5E832F4FAF5F481F2EAF3B3A48F603B8	68096	----a-w-	C:\Windows\zip.exe
2015-11-19 12:36:15	0297C72529807322B152F517FDB0A9FC	406528	----a-w-	C:\Windows\SWSC.exe
2015-11-19 12:36:15	0277C027A26428DB64EF4F64F52BB4FD	208896	----a-w-	C:\Windows\MBR.exe
2015-11-19 11:05:12	25CA91280083550D724E4207F7514123	593920	------w-	C:\Users\Thorsten\AppData\Roaming\glonass-0\glonass-0.exe
2015-11-18 00:22:30	3831E58CD22CC9BDF06F18F843CDFEE9	464896	----a-w-	C:\FRST\Quarantine\C\ProgramData\valve-1\valve-1.exe
2015-11-17 18:19:10	73B5FC7C66C87C9E9421D42979217F6E	579584	----a-w-	C:\FRST\Quarantine\C\ProgramData\hoist-1\hoist-1.exe
2015-11-17 17:09:00	87A629D7463BCEB2A02CA143EB2DEFF8	2870984	----a-w-	C:\Users\Thorsten\Downloads\esetsmartinstaller_deu.exe
2015-11-17 06:40:48	49E3825ACB348F848D9B841E4D48FD3B	22908888	----a-w-	C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-15 18:09:28	0170A4503F85F2D7ABCBEF0419B1C35A	4404952	----a-w-	C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 14:50:50	DF25A498414BCF82EA389CE2DDC3839B	2008576	----a-w-	C:\Users\Thorsten\Downloads\FRST64.exe
=== C: other files ==
2015-11-19 18:36:00	E16CEB1197549AA19630AD0982D04E89	1186640	----a-w-	C:\Users\Thorsten\Downloads\ProcessExplorer.zip
2015-11-17 06:36:43	6A9E97FD21794C7FE7B94353425AFB3B	2910982	----a-w-	C:\Users\Thorsten\Dropbox\Datenaustausch Funkzentrale\MP-Feuer\Datensicherung\MPSEC_DATA35P_20151116_201026.ZIP

==== Files C:\ProgramData 0-3 Months Old ======================

2015-10-27 12:20:25	59071590099D21DD439896592338BF95	524288	--sha-w-	C:\ProgramData\ntuser.dat{c0eda2b6-7ca4-11e5-bbc0-d050995a3687}.TMContainer00000000000000000002.regtrans-ms
2015-10-27 12:20:25	638E4112DCA9D0ABB8EF0267EDA0084D	524288	--sha-w-	C:\ProgramData\ntuser.dat{c0eda2b6-7ca4-11e5-bbc0-d050995a3687}.TMContainer00000000000000000001.regtrans-ms
2015-10-27 12:20:25	9291BD89083DBBB2CFC382B7000FD6E4	65536	--sha-w-	C:\ProgramData\ntuser.dat{c0eda2b6-7ca4-11e5-bbc0-d050995a3687}.TM.blf
2015-10-27 12:20:25	946F0084E53FCDC32FE5812982BDBF3F	5120	--sha-w-	C:\ProgramData\ntuser.dat.LOG1
2015-10-27 12:20:25	BE6DE5D8805D2CA8CA935416D60A51DF	262144	----a-w-	C:\ProgramData\ntuser.dat
2015-10-27 12:20:25	D41D8CD98F00B204E9800998ECF8427E	0	--sha-w-	C:\ProgramData\ntuser.dat.LOG2
2015-10-27 12:20:41	4ECC54AD30DF7DF4909667FE0B57047B	65536	--sha-w-	C:\ProgramData\ntuser.dat{c0eda2cb-7ca4-11e5-bbc0-d050995a3687}.TM.blf
2015-10-27 12:20:41	59071590099D21DD439896592338BF95	524288	--sha-w-	C:\ProgramData\ntuser.dat{c0eda2cb-7ca4-11e5-bbc0-d050995a3687}.TMContainer00000000000000000002.regtrans-ms
2015-10-27 12:20:41	7D1C65FB9A7410C55AE9C06DEB27026C	524288	--sha-w-	C:\ProgramData\ntuser.dat{c0eda2cb-7ca4-11e5-bbc0-d050995a3687}.TMContainer00000000000000000001.regtrans-ms

==== Files C:\users\Thorsten\AppData\Roaming 0-3 Months Old ======================
1No files found aged 0-3 months

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 19.11.2015 at 19:52:45,46 ======================

deeprybka · 19.11.2015, 22:15

Sehr gute Mitarbeit Thorsten!

Alles im Normalboot-Modus:

Schritt 1

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Code:

ATTFilter

CloseProcesses:
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [battery-88] 
C:\ProgramData\digipot-5
C:\Users\Thorsten\AppData\Roaming\battery-16
C:\ProgramData\rs232-0
C:\Users\Thorsten\AppData\Roaming\vctxo-41
C:\Users\Thorsten\AppData\Roaming\glonass-0
C:\Users\Thorsten\AppData\Roaming\quark-0
C:\Users\Thorsten\AppData\Roaming\inrush-56
C:\Users\Thorsten\AppData\Local\4r50
C:\Users\Thorsten\AppData\Roaming\ampacity-9
C:\Users\Thorsten\AppData\Roaming\z86
C:\Users\Thorsten\AppData\Local\9u92
C:\ProgramData\median-72
C:\ProgramData\oyn
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quark-08.lnk [2015-11-18]
ShortcutTarget: quark-08.lnk -> C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe (Intel(R) Corporation)
EmptyTemp:

Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.

Starte FRST und drücke auf den Entfernen-Button.
Das Tool erstellt eine "Fixlog.txt" -Datei.
Poste mir bitte deren Inhalt.

Neuer Scan mit Malwarebytes:

Schritt 2

Download und Anleitung
Starte Malwarebytes' Anti-Malware (MBAM).
Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 3

Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.

Thorstie · 20.11.2015, 09:12

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-11-2015
durchgeführt von Thorsten (2015-11-20 08:39:52) Run:5
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [battery-88] 
C:\ProgramData\digipot-5
C:\Users\Thorsten\AppData\Roaming\battery-16
C:\ProgramData\rs232-0
C:\Users\Thorsten\AppData\Roaming\vctxo-41
C:\Users\Thorsten\AppData\Roaming\glonass-0
C:\Users\Thorsten\AppData\Roaming\quark-0
C:\Users\Thorsten\AppData\Roaming\inrush-56
C:\Users\Thorsten\AppData\Local\4r50
C:\Users\Thorsten\AppData\Roaming\ampacity-9
C:\Users\Thorsten\AppData\Roaming\z86
C:\Users\Thorsten\AppData\Local\9u92
C:\ProgramData\median-72
C:\ProgramData\oyn
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quark-08.lnk [2015-11-18]
ShortcutTarget: quark-08.lnk -> C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe (Intel(R) Corporation)
EmptyTemp:
         
*****************

Prozess erfolgreich geschlossen.
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [battery-88] => Wert nicht gefunden.
C:\ProgramData\digipot-5 => erfolgreich verschoben
"C:\Users\Thorsten\AppData\Roaming\battery-16" => nicht gefunden.
C:\ProgramData\rs232-0 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\vctxo-41 => erfolgreich verschoben
"C:\Users\Thorsten\AppData\Roaming\glonass-0" => nicht gefunden.
C:\Users\Thorsten\AppData\Roaming\quark-0 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\inrush-56 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Local\4r50 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\ampacity-9 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\z86 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Local\9u92 => erfolgreich verschoben
"C:\ProgramData\median-72" => nicht gefunden.
C:\ProgramData\oyn => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quark-08.lnk => nicht gefunden.
C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe => nicht gefunden.
EmptyTemp: => 424.2 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 08:40:05 ====

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 20.11.2015
Suchlaufzeit: 08:45
Protokolldatei: 
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.20.02
Rootkit-Datenbank: v2015.11.14.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Thorsten

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 357301
Abgelaufene Zeit: 13 Min., 21 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

deeprybka · 20.11.2015, 10:41

Schritt 3 noch bitte...

Thorstie · 20.11.2015, 11:09

Oh sorry ich glaub ich seh den Wald vor lauter Bäumen nicht. Mal aber eine grundsätzliche Frage - Den Kaspersky den ich benutze ist der in Ordnung oder sollte man sich anders aufstellen?

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (20-11-2015 11:06:56)
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MY.COM B.V.) C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(PC Partner Co.Ltd) C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4628936 2015-11-19] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [rs232-9] => C:\ProgramData\rs232-0\rs232-0.exe -7z
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [vctxo-2] => C:\Users\Thorsten\AppData\Roaming\vctxo-8\vctxo-1.exe [606208 2015-11-20] (American Megatrends, Inc)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\evsys-4.lnk [2015-11-20]
ShortcutTarget: evsys-4.lnk -> C:\Users\Thorsten\AppData\Roaming\evsys-44\evsys-2.exe (Intel(R) Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [348360 2015-11-20] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-20] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-20 11:06 - 2015-11-20 11:07 - 00026600 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-20 08:45 - 2015-11-20 09:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 08:45 - 2015-11-20 08:45 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-20 08:45 - 2015-11-20 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-20 08:44 - 2015-11-20 08:45 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-20 08:44 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-20 08:44 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-20 08:44 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-20 08:43 - 2015-11-20 08:43 - 22908888 _____ (Malwarebytes ) C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-20 08:39 - 2015-11-20 08:43 - 00000000 ____D C:\ProgramData\oyn
2015-11-20 08:39 - 2015-11-20 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\evsys-44
2015-11-20 08:39 - 2015-11-20 08:39 - 00000000 ____D C:\ProgramData\powercap-12
2015-11-20 08:38 - 2015-11-20 08:38 - 00000000 ____D C:\Users\Thorsten\Downloads\FRST-OlderVersion
2015-11-20 08:37 - 2015-11-20 08:37 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\vctxo-8
2015-11-19 19:50 - 2015-11-19 19:52 - 00025760 _____ C:\zoek-results.log
2015-11-19 19:49 - 2015-11-19 19:49 - 00000000 ____D C:\zoek_backup
2015-11-19 14:09 - 2015-11-19 14:09 - 00030817 _____ C:\ComboFix.txt
2015-11-19 13:36 - 2015-11-19 14:09 - 00000000 ____D C:\Qoobox
2015-11-19 13:36 - 2015-11-19 14:04 - 00000000 ____D C:\Windows\erdnt
2015-11-19 13:36 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-19 13:36 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-19 13:36 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-19 07:37 - 2015-11-20 08:40 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 15:51 - 2015-11-20 11:06 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-20 08:38 - 02020352 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-14 09:41 - 2015-11-14 09:49 - 00000000 ____D C:\Users\Thorsten\Desktop\Tattoo
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-20 10:39 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-20 10:39 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:48 - 2015-11-20 11:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-20 10:33 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-20 10:41 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-20 10:39 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-20 10:39 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-20 10:20 - 2015-02-19 10:30 - 01055363 _____ C:\Windows\WindowsUpdate.log
2015-11-20 09:55 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-20 09:13 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-20 08:48 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-20 08:48 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-20 08:47 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-20 08:47 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-20 08:47 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-20 08:41 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-20 08:41 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-20 08:41 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-20 08:40 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-20 08:40 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-20 08:40 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-20 08:40 - 2015-02-19 10:51 - 00217456 _____ C:\Windows\PFRO.log
2015-11-20 08:40 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-20 08:40 - 2009-07-14 05:51 - 00154073 _____ C:\Windows\setupact.log
2015-11-19 19:47 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-19 19:34 - 2015-02-20 08:36 - 00031232 _____ C:\Users\Thorsten\Desktop\Ausgaben.xls
2015-11-19 18:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-19 14:13 - 2015-07-05 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Deployment
2015-11-19 14:13 - 2015-07-05 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Apps\2.0
2015-11-19 13:53 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-19 13:52 - 2009-07-14 03:34 - 74186752 _____ C:\Windows\system32\config\software.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 24641536 _____ C:\Windows\system32\config\system.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\default.bak
2015-11-19 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-19 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-19 07:37 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-12 12:41 - 2009-07-14 05:45 - 00307832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 13:01 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv4pt9v.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-11 18:58

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-11-2015
durchgeführt von Thorsten (2015-11-20 11:07:31)
Gestartet von C:\Users\Thorsten\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-19 09:28:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3302927987-3442811057-85396348-500 - Administrator - Disabled)
Gast (S-1-5-21-3302927987-3442811057-85396348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302927987-3442811057-85396348-1002 - Limited - Enabled)
Thorsten (S-1-5-21-3302927987-3442811057-85396348-1000 - Administrator - Enabled) => C:\Users\Thorsten

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.191 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.31 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: 1.31 - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP5300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5300) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deezer (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\DeezerDrive) (Version: 1.0.769.677 - Deezer)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
diclovit's mod pack 9.9.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.0 - diclovit)
Dropbox (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
FireStorm version V1.0.46.001 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.001 - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{1090DB8D-3818-470D-8467-B1062169CC45}) (Version: 1.5.0.133 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.0.133 - Kaspersky Lab) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
My.com Games (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MyComGames) (Version: 3.123 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.4.1.0 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.4.1.0 - Odem Mortis)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Thorsten\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

12-11-2015 08:06:39 Windows Update
15-11-2015 19:00:13 Windows-Sicherung
16-11-2015 12:50:40 Restore Point Created by FRST
17-11-2015 07:41:12 Windows Update
19-11-2015 13:36:19 ComboFix created restore point
19-11-2015 14:12:57 Removed TEC-IT TBarCode Office 10
19-11-2015 19:50:04 zoek.exe restore point
20-11-2015 08:45:48 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-11-19 13:53 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2969EEED-20A1-4DE5-B86D-1C824567C0E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {443448A1-89C8-4D78-874C-8CD2B13B57D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4D65A4C3-3E99-418A-8726-1702A5A9140D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {81427BD1-0A16-422E-907D-31351B364BBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {97FE5EB6-9642-4739-9C50-053EA99B2C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-27] (Adobe Systems Incorporated)
Task: {A733FCCE-C3BC-402E-A67B-5B71CC41AA24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {A7543029-CB88-4A08-9933-16FF25260A7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {A82C063D-9C46-4C10-B1DD-82EBDCB58A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {BABD2FC1-7BD2-4BD2-A106-4974CA2FF4D0} - System32\Tasks\{C384678A-0B16-4666-A32E-6F61F28CA818} => pcalua.exe -a C:\Users\Thorsten\Downloads\sp54425.exe -d C:\Users\Thorsten\Downloads
Task: {CDD1388C-27D9-4C4B-8068-F7402567FAAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F0471ACE-CC7D-44D6-B971-4D4C414AD564} - System32\Tasks\{FE500D95-E348-4016-9771-2A0711A2F9FD} => pcalua.exe -a C:\Users\Thorsten\AppData\Local\Temp\Temp1_Realtek_Win8-64_Win8_Win7-64_Win7_Vista64_Vista_XP64_XP(6690).zip\Audio(6690)\Setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-28 01:06 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-07-20 10:35 - 2015-06-17 08:00 - 00062464 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-11-01 22:48 - 2015-11-20 10:39 - 00348360 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-01 08:11 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00144896 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\zlib1.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00062464 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\pxd.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00179144 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\LightUpdate.dll
2015-05-31 07:15 - 2015-11-06 13:12 - 02340296 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-11-20 08:40 - 2015-11-20 08:40 - 00071168 _____ () c:\users\thorsten\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv4pt9v.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 06:35 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-10-01 19:30 - 2015-10-01 19:30 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\8db6991b5800d6791b92d33532627df2\PSIClient.ni.dll
2015-02-28 08:27 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E4EFEB4F-2C4C-4D0E-8F17-34FB7F590101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{28F028E2-61EB-4939-A1C9-18D4087120F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64CD0E7A-7715-4CBD-8ED7-1518313ED644}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE5884DD-6514-4F77-8A1D-81CC30B6C4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC099D50-0387-4C28-ACCF-056F5A8C5A71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA86B2F5-69CE-4761-8A47-8E3E919BFE5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4838DB96-119E-4750-B1A0-022A39631609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{808314F2-0603-4E4A-9D6F-3B0BF364C737}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA575668-199B-47E4-8D55-7E676A2AD01D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9706CBDF-EADB-4787-8EE9-CA02F2B18BDA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2517C3F0-81FE-4C42-8DE3-2164EA4DACD1}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{ABCB8F47-5A10-4AC0-8415-5262FC9D3828}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{F09B091E-8F1C-4CEA-919E-73F8C4B0C2E6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{BF92B25C-7A21-4C0F-A6D7-F6E40AB5C72B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{740021B2-6EEC-4679-B550-14DAC5CC8990}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E4E5A57B-54D6-434C-BC89-4DFBA73FFDE3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3E4C5A7E-DBA9-4FB3-A558-6233ACC605BE}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{A2FA18C2-601B-469A-8D04-9697188D5461}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{D783AADF-1F97-4888-BDBB-6D9EDA300520}] => (Allow) D:\Spiele\bin\x64r\emergency5.exe
FirewallRules: [{8BB1EA29-7A4A-4E35-8256-DB9156659EB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DD1E2EF-B1C1-4C6A-B24F-44836A9AF96E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA19F522-E9D4-4EE0-A0D9-25D8DFDF4170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{73BA38B9-70DA-4DE7-A3A7-179B19DDA2D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{7A04FE04-D0D3-4FAC-A493-5335949358D5}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CBCADB0-8365-4C70-8496-D249002D38A8}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8DD010FE-5DFA-4ACD-8CA4-6A34D50171CD}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BFDBDD81-0522-491D-B687-640610F1C7C0}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76774C5B-8091-434D-8570-AEB2C35DC43D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A3549E7F-7D21-40A1-A5FF-21EA2B143894}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{58C4FE6F-EE4E-422E-93AE-6140FE774A2E}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [UDP Query User{44E8EFC9-AEB5-4652-99E6-379241289418}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [TCP Query User{7D49057B-88AA-4178-A628-46AF9E0DF46E}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FB0C904B-AFC9-4DB7-8AA0-49D3D8C6B6D7}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5AD0760A-19EA-4365-8B69-1117D2BCED53}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{D5E06918-2E24-4349-A3C4-5E1EFC3F7780}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{61084CC0-E25A-4BBA-9073-792074C572F3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D428F6F6-4113-42EA-8734-6F65817CBAD0}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D0BF5190-6714-4859-BE02-83E145710FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FD0EB8D-1CD6-4B48-9746-B822401B3E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D98C54BA-65E2-4A7D-A8E4-D105AB5344A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E6A9942D-997F-4254-8417-C87A8618D43F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6790434-B146-48F0-A369-A2CC2B720F4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EC4EF857-6483-4C45-BF4D-48FDFBD5CEF4}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{4E70CA78-8870-4FF0-A5EE-6F3FE0EE7C70}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{D2E0F433-9A43-4D97-A09F-F37387116DD2}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{3BBCE2B7-EA39-4FEA-965B-33298042370E}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{E0F3F8F4-DA6C-4AA0-9A5A-56BF2E5ACB36}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{14C527EA-0B6D-4BAC-813D-BC1784CB14A2}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{28F23C4E-98C8-4D8F-8803-3935590419B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C3FCA-9019-4D37-AA46-9B92E0571151}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C9AC0-2BE0-4409-8508-B89F5895BE95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE06792E-5576-46F7-9A16-1B88BBB2BF07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C710348-2DF3-4E5C-8848-E7D9BF56A3D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F5ECA1A3-DD94-4B31-A9D9-7642DD75FCB6}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{6886CDAF-C119-4B2A-ABE7-64AF99263A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D8BF93A-D10F-4A8E-B287-D2BB868ABFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39A4659B-A005-4BCB-85F2-AB1539B69A1F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B61F5210-D039-4C54-9166-942DE502B98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{03B6EA03-31D5-4293-986C-1C1FA536D6AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1B239FE-6558-4C1A-8905-FFF1507A603E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D9CA709-65CD-4984-93FB-7F06E132D911}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD0A7003-C839-4E1D-891C-580EF984E05A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/20/2015 08:42:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/20/2015 08:41:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/20/2015 08:40:45 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/20/2015 08:39:58 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/20/2015 08:38:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/20/2015 08:36:58 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/19/2015 07:48:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/19/2015 07:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ee543
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x29c8f81c
ID des fehlerhaften Prozesses: 0x20e4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (11/19/2015 06:35:04 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/19/2015 02:17:04 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


Systemfehler:
=============
Error: (11/20/2015 08:40:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Google Update Service (gupdate)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-11-19 13:45:18.094
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-19 13:45:18.024
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 12230.42 MB
Verfügbarer physikalischer RAM: 9116.04 MB
Summe virtueller Speicher: 24459.05 MB
Verfügbarer virtueller Speicher: 21290.29 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:223.47 GB) (Free:88.92 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1193.85 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E38ABEDA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5474C3AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Thorstie · 21.11.2015, 20:16

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (21-11-2015 20:14:18)
Gestartet von C:\Users\Thorsten\Desktop
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MY.COM B.V.) C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4628936 2015-11-19] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF Extension: Adblock Plus - C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-21]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-21] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-21 20:02 - 2015-11-21 20:02 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-11-21 19:53 - 2015-11-21 19:53 - 00044953 _____ C:\Users\Thorsten\Desktop\Addition.txt
2015-11-21 19:52 - 2015-11-21 20:14 - 00026186 _____ C:\Users\Thorsten\Desktop\FRST.txt
2015-11-21 19:50 - 2015-11-21 19:50 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-21 19:50 - 2015-11-21 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-21 19:50 - 2015-11-21 19:50 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-21 19:49 - 2015-11-21 19:49 - 00584288 _____ (Oracle Corporation) C:\Users\Thorsten\Downloads\jxpiinstall.exe
2015-11-21 17:12 - 2015-11-21 17:12 - 02345984 _____ (Farbar) C:\Users\Thorsten\Desktop\FRST64.exe
2015-11-21 09:02 - 2015-11-21 19:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-21 09:02 - 2015-11-21 09:02 - 08202040 _____ (TeamViewer GmbH) C:\Users\Thorsten\Downloads\TeamViewer_Setup_de-jfa.exe
2015-11-21 09:02 - 2015-11-21 09:02 - 00001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-21 09:02 - 2015-11-21 09:02 - 00001038 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-20 11:07 - 2015-11-20 11:08 - 00045690 _____ C:\Users\Thorsten\Downloads\Addition.txt
2015-11-20 11:06 - 2015-11-20 11:08 - 00068784 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-20 08:45 - 2015-11-20 09:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 08:45 - 2015-11-20 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-20 08:44 - 2015-11-20 08:45 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-20 08:44 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-20 08:44 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-20 08:44 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-19 19:50 - 2015-11-19 19:52 - 00025760 _____ C:\zoek-results.log
2015-11-19 19:49 - 2015-11-19 19:49 - 00000000 ____D C:\zoek_backup
2015-11-19 14:09 - 2015-11-19 14:09 - 00030817 _____ C:\ComboFix.txt
2015-11-19 13:36 - 2015-11-19 14:09 - 00000000 ____D C:\Qoobox
2015-11-19 13:36 - 2015-11-19 14:04 - 00000000 ____D C:\Windows\erdnt
2015-11-19 13:36 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-19 13:36 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-19 13:36 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 15:51 - 2015-11-21 20:14 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-20 08:38 - 02020352 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-20 17:32 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-20 17:32 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:48 - 2015-11-21 19:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-21 20:02 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:01 - 2015-11-21 19:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-21 20:10 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-21 20:10 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-21 20:08 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-21 20:08 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-21 20:08 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-21 20:05 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-21 20:05 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-21 20:05 - 2015-02-19 10:30 - 01148530 _____ C:\Windows\WindowsUpdate.log
2015-11-21 20:04 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-21 20:04 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-21 20:02 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-21 20:02 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-21 20:02 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-21 20:02 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-21 20:02 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-21 20:02 - 2015-02-19 10:51 - 00223486 _____ C:\Windows\PFRO.log
2015-11-21 20:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-21 20:02 - 2009-07-14 05:51 - 00154409 _____ C:\Windows\setupact.log
2015-11-21 19:51 - 2015-09-28 06:40 - 00000000 ____D C:\Users\Thorsten\.oracle_jre_usage
2015-11-21 19:51 - 2015-02-21 14:14 - 00000000 ____D C:\ProgramData\Oracle
2015-11-21 19:48 - 2015-02-19 10:28 - 00000000 ____D C:\Users\Thorsten
2015-11-21 19:41 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-21 19:39 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-21 18:17 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-11-21 18:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-21 18:16 - 2015-10-13 08:12 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-21 18:16 - 2015-02-28 09:02 - 00004116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-21 18:16 - 2015-02-28 09:02 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-21 15:52 - 2015-02-19 13:41 - 00068312 _____ C:\Users\Thorsten\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-21 15:51 - 2009-07-14 05:45 - 00310552 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-21 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-21 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-21 09:00 - 2015-08-24 09:28 - 00000000 ____D C:\Users\Thorsten\Desktop\Bilder
2015-11-20 17:31 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-19 19:47 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-19 18:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-19 14:13 - 2015-07-05 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Deployment
2015-11-19 14:13 - 2015-07-05 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Apps\2.0
2015-11-19 13:53 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-19 13:52 - 2009-07-14 03:34 - 74186752 _____ C:\Windows\system32\config\software.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 24641536 _____ C:\Windows\system32\config\system.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\default.bak
2015-11-19 07:37 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpomuhfd.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-20 13:25

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015
durchgeführt von Thorsten (2015-11-21 19:53:17)
Gestartet von C:\Users\Thorsten\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-19 09:28:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3302927987-3442811057-85396348-500 - Administrator - Disabled)
Gast (S-1-5-21-3302927987-3442811057-85396348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302927987-3442811057-85396348-1002 - Limited - Enabled)
Thorsten (S-1-5-21-3302927987-3442811057-85396348-1000 - Administrator - Enabled) => C:\Users\Thorsten

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.191 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.31 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: 1.31 - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP5300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5300) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deezer (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\DeezerDrive) (Version: 1.0.769.677 - Deezer)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
diclovit's mod pack 9.9.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.0 - diclovit)
Dropbox (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
FireStorm version V1.0.46.001 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.001 - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{1090DB8D-3818-470D-8467-B1062169CC45}) (Version: 1.5.0.133 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.0.133 - Kaspersky Lab) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
My.com Games (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MyComGames) (Version: 3.123 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.4.1.0 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.4.1.0 - Odem Mortis)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Thorsten\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

16-11-2015 12:50:40 Restore Point Created by FRST
17-11-2015 07:41:12 Windows Update
19-11-2015 13:36:19 ComboFix created restore point
19-11-2015 14:12:57 Removed TEC-IT TBarCode Office 10
19-11-2015 19:50:04 zoek.exe restore point
20-11-2015 08:45:48 Windows Update
21-11-2015 19:45:43 Removed Java 8 Update 60
21-11-2015 19:46:20 Removed Java 8 Update 60

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-11-19 13:53 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2969EEED-20A1-4DE5-B86D-1C824567C0E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {443448A1-89C8-4D78-874C-8CD2B13B57D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4D65A4C3-3E99-418A-8726-1702A5A9140D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {81427BD1-0A16-422E-907D-31351B364BBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {97FE5EB6-9642-4739-9C50-053EA99B2C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-27] (Adobe Systems Incorporated)
Task: {A733FCCE-C3BC-402E-A67B-5B71CC41AA24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {A7543029-CB88-4A08-9933-16FF25260A7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {A82C063D-9C46-4C10-B1DD-82EBDCB58A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {BABD2FC1-7BD2-4BD2-A106-4974CA2FF4D0} - System32\Tasks\{C384678A-0B16-4666-A32E-6F61F28CA818} => pcalua.exe -a C:\Users\Thorsten\Downloads\sp54425.exe -d C:\Users\Thorsten\Downloads
Task: {CDD1388C-27D9-4C4B-8068-F7402567FAAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F0471ACE-CC7D-44D6-B971-4D4C414AD564} - System32\Tasks\{FE500D95-E348-4016-9771-2A0711A2F9FD} => pcalua.exe -a C:\Users\Thorsten\AppData\Local\Temp\Temp1_Realtek_Win8-64_Win8_Win7-64_Win7_Vista64_Vista_XP64_XP(6690).zip\Audio(6690)\Setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-28 01:06 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-11-21 17:46 - 2015-11-12 16:10 - 00613968 ____N () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-20 10:35 - 2015-06-17 08:00 - 00062464 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-05-01 08:11 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00144896 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\zlib1.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00062464 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\pxd.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00179144 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\LightUpdate.dll
2015-05-31 07:15 - 2015-11-06 13:12 - 02340296 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-11-21 19:30 - 2015-11-21 19:30 - 00071168 _____ () c:\users\thorsten\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphnj3xa.dll
2015-10-01 19:30 - 2015-10-01 19:30 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\8db6991b5800d6791b92d33532627df2\PSIClient.ni.dll
2015-02-28 08:27 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E4EFEB4F-2C4C-4D0E-8F17-34FB7F590101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{28F028E2-61EB-4939-A1C9-18D4087120F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64CD0E7A-7715-4CBD-8ED7-1518313ED644}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE5884DD-6514-4F77-8A1D-81CC30B6C4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC099D50-0387-4C28-ACCF-056F5A8C5A71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA86B2F5-69CE-4761-8A47-8E3E919BFE5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4838DB96-119E-4750-B1A0-022A39631609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{808314F2-0603-4E4A-9D6F-3B0BF364C737}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA575668-199B-47E4-8D55-7E676A2AD01D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9706CBDF-EADB-4787-8EE9-CA02F2B18BDA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2517C3F0-81FE-4C42-8DE3-2164EA4DACD1}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{ABCB8F47-5A10-4AC0-8415-5262FC9D3828}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{F09B091E-8F1C-4CEA-919E-73F8C4B0C2E6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{BF92B25C-7A21-4C0F-A6D7-F6E40AB5C72B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{740021B2-6EEC-4679-B550-14DAC5CC8990}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E4E5A57B-54D6-434C-BC89-4DFBA73FFDE3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3E4C5A7E-DBA9-4FB3-A558-6233ACC605BE}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{A2FA18C2-601B-469A-8D04-9697188D5461}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{D783AADF-1F97-4888-BDBB-6D9EDA300520}] => (Allow) D:\Spiele\bin\x64r\emergency5.exe
FirewallRules: [{8BB1EA29-7A4A-4E35-8256-DB9156659EB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DD1E2EF-B1C1-4C6A-B24F-44836A9AF96E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA19F522-E9D4-4EE0-A0D9-25D8DFDF4170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{73BA38B9-70DA-4DE7-A3A7-179B19DDA2D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{7A04FE04-D0D3-4FAC-A493-5335949358D5}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CBCADB0-8365-4C70-8496-D249002D38A8}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8DD010FE-5DFA-4ACD-8CA4-6A34D50171CD}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BFDBDD81-0522-491D-B687-640610F1C7C0}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76774C5B-8091-434D-8570-AEB2C35DC43D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A3549E7F-7D21-40A1-A5FF-21EA2B143894}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{58C4FE6F-EE4E-422E-93AE-6140FE774A2E}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [UDP Query User{44E8EFC9-AEB5-4652-99E6-379241289418}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [TCP Query User{7D49057B-88AA-4178-A628-46AF9E0DF46E}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FB0C904B-AFC9-4DB7-8AA0-49D3D8C6B6D7}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5AD0760A-19EA-4365-8B69-1117D2BCED53}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{D5E06918-2E24-4349-A3C4-5E1EFC3F7780}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{61084CC0-E25A-4BBA-9073-792074C572F3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D428F6F6-4113-42EA-8734-6F65817CBAD0}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D0BF5190-6714-4859-BE02-83E145710FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FD0EB8D-1CD6-4B48-9746-B822401B3E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D98C54BA-65E2-4A7D-A8E4-D105AB5344A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E6A9942D-997F-4254-8417-C87A8618D43F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6790434-B146-48F0-A369-A2CC2B720F4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EC4EF857-6483-4C45-BF4D-48FDFBD5CEF4}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{4E70CA78-8870-4FF0-A5EE-6F3FE0EE7C70}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{D2E0F433-9A43-4D97-A09F-F37387116DD2}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{3BBCE2B7-EA39-4FEA-965B-33298042370E}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{E0F3F8F4-DA6C-4AA0-9A5A-56BF2E5ACB36}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{14C527EA-0B6D-4BAC-813D-BC1784CB14A2}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{28F23C4E-98C8-4D8F-8803-3935590419B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C3FCA-9019-4D37-AA46-9B92E0571151}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C9AC0-2BE0-4409-8508-B89F5895BE95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE06792E-5576-46F7-9A16-1B88BBB2BF07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C710348-2DF3-4E5C-8848-E7D9BF56A3D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F5ECA1A3-DD94-4B31-A9D9-7642DD75FCB6}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{6886CDAF-C119-4B2A-ABE7-64AF99263A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D8BF93A-D10F-4A8E-B287-D2BB868ABFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39A4659B-A005-4BCB-85F2-AB1539B69A1F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B61F5210-D039-4C54-9166-942DE502B98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{03B6EA03-31D5-4293-986C-1C1FA536D6AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1B239FE-6558-4C1A-8905-FFF1507A603E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D9CA709-65CD-4984-93FB-7F06E132D911}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD0A7003-C839-4E1D-891C-580EF984E05A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{F245D147-DF5B-4D1E-9922-4BFFFEE099D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{943251E6-15D0-45C4-BD79-01E438D587D7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BEB9B0C4-6950-46F3-B5F9-A63897F97363}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{234B3EA9-A073-4BE1-8029-0BC0E658AC2C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0CF7166E-149E-4AA0-85D3-AD6E849AA274}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{983F165F-A589-4324-AB97-C848798E352B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/21/2015 07:50:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/21/2015 07:46:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary BAPIDRV.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:46:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360FsFlt mini-filter driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:46:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360Safe Anti Hacker Service.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:45:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary BAPIDRV.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:45:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360FsFlt mini-filter driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:45:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360Safe Anti Hacker Service.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:38:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/21/2015 07:29:53 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/21/2015 07:22:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (11/21/2015 07:39:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/21/2015 07:39:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/21/2015 07:39:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/21/2015 07:39:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/21/2015 07:39:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/21/2015 07:39:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/21/2015 07:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/21/2015 07:39:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/21/2015 07:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/21/2015 07:39:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


CodeIntegrity:
===================================
  Date: 2015-11-19 13:45:18.094
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-19 13:45:18.024
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 12230.42 MB
Verfügbarer physikalischer RAM: 9314.54 MB
Summe virtueller Speicher: 24459.05 MB
Verfügbarer virtueller Speicher: 21280.48 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:223.47 GB) (Free:88.95 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1193.85 GB) NTFS
Drive e: (eSysRescueLiveCD) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E38ABEDA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5474C3AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka · 21.11.2015, 20:17

Wir haben es geschafft!

Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:

ESET Smart Security

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

20.11.2015, 10:41	#40
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Ständiger Befall von unerwünschten Programmen und Treiberprobleme unter Windows 7 Schritt 3 noch bitte... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Ständiger Befall von unerwünschten Programmen und Treiberprobleme unter Windows 7

Plagegeister aller Art und deren Bekämpfung: Ständiger Befall von unerwünschten Programmen und Treiberprobleme unter Windows 7