Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 22.12.2015, 11:05   #1
Global82
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Guten Tag zusammen,

seit ca. 1 Woche habe ich nun folgendes Problem.

Nachdem ich laufend auf Werbeseiten weitergeleitet wurde, habe ich Malwarebytes installiert und es wurde prompt, nach einem Suchlauf, sehr viele Dateien in Quarantäne verschoben, die danach auch gelöscht wurden.

Leider kommt es nach jedem PC-Start vor, dass sich Office-Note versucht zu starten und etwas senden möchte.. Des Weiteren kommt ca. 10 mal die Meldung das gefragt wird "wie soll dieses Element geöffnet werden?". Wenn ich ein Programm, beispielsweise Chrome anwähle, öffnen sich Werbeseiten.

Nachdem alles abgebrochen wurde und generell im Internet gesurft wird, meldet sich teilweise Malwarebytes.

Es kam nun schon einmal vor, dass das Internet gar nicht mehr ging. Erst nach einem Suchlauf von Malwarebytes und anschließendem Neustart ging es dann wieder.

Wäre super wenn jemand helfen könnte.

Anbei die logs von FRST

FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Daniel (Administrator) auf GLOBALITY (22-12-2015 11:41:26)
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel & postgres (Verfügbare Profile: Daniel & postgres & Gl0ba_000)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxClient.exe" start "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\QuickSearch\spw3016.exe
(Joan Abner) C:\Program Files (x86)\QuickSearch\uninstall.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Internet Monitor) C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883280 2015-12-10] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Line] => C:\Program Files (x86)\Naver\LINE\Line.exe [15664152 2015-08-18] (LINE Corporation)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [BandwidthStat] => C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe [569344 2015-12-15] (Internet Monitor)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-07-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-07-16] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-07-16] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2015-12-15]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-12-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-12-15]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c3d2b33a-5f1a-4bce-8c16-a5ea94bc6a72}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
URLSearchHook: HKU\S-1-5-21-2676936528-1030403693-891089861-1001 - (Kein Name) - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - Keine Datei
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-24] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-24] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-09] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default
FF NewTab: about:newtab
FF DefaultSearchEngine: MyStart
FF Homepage: hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-12] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-07-22] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-07-22] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-10-02] (Coupons, Inc.)
FF Extension: Flash and Video Download - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-12]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\artur.dubovoy@gmail.com [2015-12-12]
FF Extension: FireFTP - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-12-12]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google*Übersetzer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (FTP Free) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdgcfaoankkonoiichmblcfijkomfbn [2014-09-27]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-01-14]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-16]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Video Downloader [FVD]) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-05-09]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2015-01-16]
CHR Extension: (Codeanywhere) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndcfkjjcjfpmmhdedhnbkknbehiadgjg [2014-05-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2015-11-13] (Sirrix AG) [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432720 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412240 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854608 2015-12-10] (BlueStack Systems, Inc.)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [179184 2014-10-15] (Coupons.com Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3645432 2014-07-18] (devolo AG)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [885576 2013-05-23] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-05-23] (PacketVideo)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-12-10] (BlueStack Systems)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-15] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-22] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194816 2015-11-11] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-22 11:39 - 2015-12-22 11:40 - 00050181 _____ C:\Users\Daniel\Desktop\Addition.txt
2015-12-22 11:37 - 2015-12-22 11:41 - 00022707 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-12-22 11:37 - 2015-12-22 11:41 - 00000000 ____D C:\FRST
2015-12-22 11:36 - 2015-12-22 11:37 - 02370560 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-12-22 11:31 - 2015-12-22 11:31 - 00016148 _____ C:\WINDOWS\system32\GLOBALITY_Daniel_HistoryPrediction.bin
2015-12-21 14:38 - 2015-12-22 11:33 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-12-21 14:28 - 2015-12-21 14:28 - 00514327 _____ C:\Users\Daniel\Desktop\20151221.pdf
2015-12-21 14:24 - 2015-12-21 14:24 - 00000000 ____D C:\ProgramData\ATI
2015-12-21 11:16 - 2015-12-21 11:16 - 00036520 _____ C:\Users\Daniel\Documents\arena.mrf
2015-12-21 10:28 - 2015-12-21 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-21 10:26 - 2015-12-21 10:27 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-12-21 10:25 - 2015-12-21 10:25 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 39720944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 30775792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08982432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00631792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00130064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00110320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00089584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-12-20 20:56 - 2015-12-20 20:56 - 00478062 _____ C:\Users\Daniel\Desktop\20151220.pdf
2015-12-20 17:19 - 2015-12-22 11:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 13:28 - 2015-12-21 14:29 - 00283623 _____ C:\Users\Daniel\Desktop\Dienstplan_TV_Cannstatt.xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-18 10:57 - 2015-12-18 11:03 - 606692048 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.chrome.Archive.exe
2015-12-18 10:41 - 2015-12-19 19:28 - 00000222 _____ C:\Users\Daniel\Desktop\nicht angreiffen.txt
2015-12-18 10:36 - 2015-12-18 10:36 - 00617444 _____ C:\Users\Daniel\Downloads\Browser-in-the-Box_Benutzerhandbuch.pdf
2015-12-16 15:10 - 2015-12-16 15:10 - 00025360 _____ C:\Users\Daniel\Documents\far-Flung Prairie.mrf
2015-12-15 21:23 - 2015-12-15 21:23 - 00034360 _____ C:\Users\Daniel\Documents\nightfall swamp.mrf
2015-12-15 18:10 - 2015-12-15 18:11 - 21852240 _____ C:\Users\Daniel\Downloads\Smoothies.rar
2015-12-15 17:33 - 2015-12-15 17:33 - 00280112 _____ C:\WINDOWS\Minidump\121515-9359-01.dmp
2015-12-15 15:47 - 2015-12-15 15:47 - 00006660 _____ C:\Users\Daniel\Downloads\Rechnung Nr. 15005998.pdf
2015-12-15 13:56 - 2015-12-15 13:56 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1) (1).pdf
2015-12-15 13:53 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1).pdf
2015-12-15 13:52 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung.pdf
2015-12-15 13:36 - 2015-12-15 13:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Sirrix AG
2015-12-15 13:35 - 2015-12-15 13:35 - 00211398 _____ C:\Users\Daniel\Desktop\kündigung strom.pdf
2015-12-15 13:26 - 2015-12-18 11:04 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-18 11:04 - 00001320 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-15 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\ProgramData\Sirrix AG
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2015-12-15 13:21 - 2015-12-15 13:21 - 00000000 ____D C:\Program Files\Oracle
2015-12-15 13:14 - 2015-12-15 13:19 - 565717248 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.firefox.Archive.exe
2015-12-15 13:12 - 2015-12-17 19:43 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-15 13:11 - 2015-12-15 13:11 - 00927824 _____ (Google Inc.) C:\Users\Daniel\Downloads\ChromeSetup (1).exe
2015-12-15 12:47 - 2015-12-15 12:47 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form (1).pdf
2015-12-15 12:44 - 2015-12-15 12:45 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form.pdf
2015-12-15 12:28 - 2015-12-15 12:36 - 24149323 _____ C:\Users\Daniel\Downloads\Malwarebytes Anti-Malware Premium 2.2.0.1024.rar
2015-12-15 12:21 - 2015-12-22 11:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-15 12:20 - 2015-12-15 13:10 - 00001165 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-15 12:17 - 2015-12-15 12:18 - 22908888 _____ (Malwarebytes ) C:\Users\Daniel\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-15 12:09 - 2015-12-15 12:09 - 00003530 _____ C:\WINDOWS\System32\Tasks\Ahonaradra
2015-12-15 12:02 - 2015-12-15 12:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\systweak
2015-12-15 12:02 - 2015-11-20 19:27 - 00019888 _____ C:\WINDOWS\system32\roboot64.exe
2015-12-15 12:01 - 2015-12-15 12:01 - 00003774 _____ C:\WINDOWS\System32\Tasks\SoftUpgrade
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Program Files (x86)\SoftUpgrade
2015-12-15 11:58 - 2015-12-22 11:31 - 00000364 ____H C:\WINDOWS\Tasks\WOXRGHDNAFGIQKGK.job
2015-12-15 11:58 - 2015-12-15 12:24 - 00000000 ____D C:\ProgramData\Service1104
2015-12-15 11:58 - 2015-12-15 11:58 - 00003442 _____ C:\WINDOWS\System32\Tasks\WOXRGHDNAFGIQKGK
2015-12-15 11:58 - 2015-12-15 11:58 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2015-12-15 11:57 - 2015-12-15 11:57 - 00275717 _____ C:\Users\Daniel\Documents\151210 Rechnung_Lingel.pdf
2015-12-15 11:35 - 2015-12-15 11:35 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-12-15 11:34 - 2015-12-15 11:34 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2015-12-15 11:34 - 2015-12-15 11:34 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2015-12-15 11:34 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-12-15 11:34 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-12-15 11:33 - 2015-12-15 11:41 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\IObit
2015-12-15 11:33 - 2015-12-15 11:40 - 00000000 ____D C:\ProgramData\IObit
2015-12-15 11:33 - 2015-12-15 11:38 - 00000000 ____D C:\ProgramData\ProductData
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ProductData
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\IObit
2015-12-15 11:32 - 2015-12-15 11:41 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-15 11:32 - 2015-12-15 11:32 - 30003568 _____ (IObit ) C:\Users\Daniel\Downloads\IObit-Malware-Fighter-Setup3409.exe
2015-12-15 11:16 - 2015-12-15 11:16 - 17529025 _____ C:\Users\Daniel\Documents\151210 Rechnung Lingel.pdf
2015-12-15 11:11 - 2015-12-15 11:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\cpuminer
2015-12-15 11:11 - 2015-12-15 11:58 - 00000008 _____ C:\END
2015-12-15 11:11 - 2015-12-15 11:11 - 00003160 _____ C:\WINDOWS\System32\Tasks\spw3016
2015-12-15 11:10 - 2015-12-22 11:31 - 00000000 ____D C:\Program Files (x86)\QuickSearch
2015-12-15 11:09 - 2015-12-15 12:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\SmartWeb
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Opera Software
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\Opera Software
2015-12-15 11:04 - 2015-12-15 11:05 - 17231872 _____ C:\Users\Daniel\Downloads\epson374980eu.exe
2015-12-15 11:03 - 2015-12-15 13:04 - 00000000 ____D C:\Program Files (x86)\03000200-1450173802-0500-0006-000700080009
2015-12-15 11:03 - 2015-12-15 11:02 - 00004182 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-12-15 11:02 - 2015-12-15 13:07 - 00000306 __RSH C:\Users\Daniel\ntuser.pol
2015-12-15 11:02 - 2015-12-15 13:07 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-12-15 11:01 - 2015-12-15 11:01 - 00003294 _____ C:\WINDOWS\System32\Tasks\{9049D845-5093-42F1-ABE4-823668FF2E6F}
2015-12-15 10:59 - 2015-12-15 10:59 - 12793856 _____ C:\Users\Daniel\Downloads\epson325480eu.exe
2015-12-15 10:57 - 2015-12-15 10:57 - 25198592 _____ C:\Users\Daniel\Downloads\epson324666eu.dmg
2015-12-14 20:52 - 2015-12-14 20:52 - 00030000 _____ C:\Users\Daniel\Documents\13.mrf
2015-12-14 14:28 - 2015-12-14 14:32 - 00027280 _____ C:\Users\Daniel\Documents\sunshine beach.mrf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116.pdf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116 (1).pdf
2015-12-14 14:22 - 2015-12-14 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-14 14:22 - 2015-12-14 14:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-14 14:11 - 2015-12-14 14:15 - 11692510 _____ C:\Users\Daniel\Downloads\GLGzFAmSSuC(zA.rar
2015-12-14 14:05 - 2015-12-14 14:15 - 32280461 _____ C:\Users\Daniel\Downloads\Nicht bestätigt 522240.crdownload
2015-12-14 13:48 - 2015-12-14 13:48 - 00030280 _____ C:\Users\Daniel\Documents\Climbing Olympus.mrf
2015-12-14 13:20 - 2015-12-15 16:21 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\Program Files (x86)\MouseRecorder
2015-12-14 13:19 - 2015-12-14 13:21 - 02467080 _____ (Bartels Media GmbH ) C:\Users\Daniel\Downloads\MouseRecorderSetup1042.exe
2015-12-14 13:17 - 2015-12-14 13:17 - 02331531 _____ C:\Users\Daniel\Downloads\MRP276Setup.zip
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\Documents\My Recorded Scripts
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder Pro
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\Nemex
2015-12-14 13:09 - 2015-12-14 13:09 - 02332069 _____ C:\Users\Daniel\Downloads\mrp275setup.zip
2015-12-14 13:01 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup (1).exe
2015-12-14 12:55 - 2015-12-15 13:10 - 00001682 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-15 13:08 - 00001742 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup.exe
2015-12-14 12:55 - 2015-12-14 12:55 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2015-12-14 12:54 - 2015-12-14 12:54 - 00000000 ____D C:\Users\Daniel\AppData\Local\fabi.me
2015-12-14 12:53 - 2015-12-14 12:55 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:54 - 00000000 ____D C:\ProgramData\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:53 - 00094899 _____ C:\Users\Daniel\Downloads\SpeedAutoClicker.zip
2015-12-14 12:46 - 2015-12-14 12:47 - 308301520 _____ (BlueStack Systems Inc.) C:\Users\Daniel\Downloads\BlueStacks2-Installer_native.exe
2015-12-12 19:59 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-12 19:59 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-12 19:59 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-12 19:59 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-12 19:59 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-12 19:59 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-12 19:59 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-12 19:59 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-12 19:59 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-12 19:59 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-12 19:59 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-12 19:59 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-12 19:59 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-12 19:58 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-12 19:58 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-12 19:58 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-12 19:58 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-12 19:58 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-12 19:58 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-12 19:58 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-12 19:58 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-12 19:58 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-12 19:58 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-12 19:58 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-12 19:58 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-12 19:58 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-12 19:58 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1.zip
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1 (1).zip
2015-12-06 18:49 - 2015-12-06 18:49 - 04397665 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab (1).zip
2015-12-06 18:48 - 2015-12-06 18:48 - 01142560 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab.zip
2015-12-06 18:19 - 2015-12-06 18:19 - 03984004 _____ C:\Users\Daniel\Downloads\Bewerbung_Erzieherin_Daniele_Maier.pdf
2015-12-06 18:06 - 2015-12-06 18:06 - 00291489 _____ C:\Users\Daniel\Downloads\20151127131614271.pdf
2015-12-06 17:50 - 2015-12-06 17:50 - 00109513 _____ C:\Users\Daniel\Desktop\Anmeldung.pdf
2015-12-03 18:29 - 2015-12-03 18:29 - 00169351 _____ C:\Users\Daniel\Downloads\WAZ.pdf
2015-11-30 21:32 - 2015-11-30 21:32 - 00064681 _____ C:\Users\Daniel\Downloads\Rückseite.pdf
2015-11-30 21:31 - 2015-11-30 21:31 - 00064681 _____ C:\Users\Daniel\Desktop\Rückseite.pdf
2015-11-30 21:29 - 2015-11-30 21:29 - 00032176 _____ C:\Users\Daniel\Desktop\Vorderseite.pdf
2015-11-30 21:25 - 2015-11-30 21:25 - 04889088 _____ C:\Users\Daniel\Downloads\Da Carlo Front Visit.zdl
2015-11-30 21:25 - 2015-11-30 21:25 - 01163776 _____ C:\Users\Daniel\Downloads\Da Carlo Back Visit.zdl
2015-11-29 20:16 - 2015-11-29 20:16 - 00457667 _____ C:\Users\Daniel\Downloads\maui.pdf
2015-11-26 16:19 - 2015-11-26 17:43 - 00000000 ____D C:\Users\Daniel\Desktop\Schwab Melli
2015-11-25 16:11 - 2015-11-25 16:11 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 16:00 - 2015-11-25 16:00 - 00273974 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 15:59 - 2015-11-25 15:59 - 00076125 _____ C:\Users\Daniel\Downloads\Kopie von Dienstplan_Änderung2 (1).xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-22 11:39 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-22 11:37 - 2015-08-01 19:33 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-22 11:37 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-22 11:37 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-22 11:37 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-22 11:36 - 2014-11-03 18:22 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-22 11:32 - 2015-02-13 17:03 - 00000000 ____D C:\ProgramData\TwonkyServer
2015-12-22 11:32 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-12-22 11:31 - 2015-08-01 19:21 - 00000000 ____D C:\Users\postgres
2015-12-22 11:31 - 2015-08-01 19:20 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-12-22 11:31 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-22 11:31 - 2014-05-05 05:06 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 11:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Registration
2015-12-22 11:28 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-22 11:28 - 2014-06-23 15:11 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-22 11:27 - 2015-08-01 19:21 - 00000000 ____D C:\Users\Daniel
2015-12-22 11:25 - 2014-05-05 05:06 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-22 11:09 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-22 11:08 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-22 11:07 - 2014-05-29 11:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-12-22 11:07 - 2014-05-13 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-22 11:02 - 2014-06-07 19:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-22 08:54 - 2015-08-08 19:27 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{88EEB1D5-370C-4812-9418-EDF692A916C5}
2015-12-22 02:00 - 2014-06-23 14:35 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-12-21 17:39 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-21 15:41 - 2015-08-16 17:58 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2015-12-21 11:06 - 2015-10-03 15:02 - 00010560 _____ C:\Users\Daniel\Desktop\Lego-Architecture.xlsx
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\ProgramData\AMD
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-21 10:27 - 2014-05-05 05:07 - 00000000 ____D C:\AMD
2015-12-21 10:25 - 2015-08-25 19:22 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-12-21 10:25 - 2015-08-25 19:22 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-12-21 10:25 - 2015-07-16 01:12 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01223544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-12-21 10:25 - 2015-07-16 00:17 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-12-21 10:25 - 2015-07-16 00:13 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-12-21 10:25 - 2015-07-16 00:12 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-12-20 10:37 - 2014-05-05 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2015-12-18 19:58 - 2015-09-19 10:01 - 00023600 _____ C:\Users\Daniel\Desktop\Kaufpreis Backnang.xlsx
2015-12-18 17:14 - 2015-07-10 17:44 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-18 10:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-12-17 18:52 - 2015-08-20 15:17 - 00002099 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-12-17 18:52 - 2014-07-10 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-12-17 18:52 - 2014-05-05 05:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-17 14:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-15 17:33 - 2015-08-15 18:33 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-15 13:24 - 2014-11-03 18:30 - 00000000 ____D C:\Users\Daniel\.VirtualBox
2015-12-15 13:11 - 2015-08-01 19:25 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-15 13:11 - 2015-06-26 22:05 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-12-15 13:11 - 2014-12-29 16:10 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-12-15 13:11 - 2014-10-20 18:02 - 00000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-12-15 13:11 - 2014-08-16 22:06 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-12-15 13:11 - 2014-08-16 20:58 - 00000920 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-12-15 13:11 - 2014-08-16 20:58 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-12-15 13:11 - 2014-08-16 20:57 - 00001527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-12-15 13:11 - 2014-08-16 20:57 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-12-15 13:11 - 2014-08-16 17:13 - 00001750 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-12-15 13:11 - 2014-05-26 12:18 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-12-15 13:11 - 2014-05-13 19:27 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-15 13:10 - 2015-08-26 18:40 - 00001218 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-12-15 13:10 - 2015-08-16 18:00 - 00002234 _____ C:\Users\Public\Desktop\StarMoney 9.0.lnk
2015-12-15 13:08 - 2015-08-01 20:21 - 00002425 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-15 13:08 - 2015-05-16 13:40 - 00002158 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\KÜCHEN QUELLE 3D.lnk
2015-12-15 13:08 - 2015-04-02 10:04 - 00000879 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-12-15 13:08 - 2015-01-18 17:42 - 00001033 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-12-15 13:08 - 2015-01-08 18:29 - 00001822 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Coral Poker.lnk
2015-12-15 13:08 - 2014-12-16 14:46 - 00001830 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Winner Poker.lnk
2015-12-15 13:08 - 2014-08-21 15:45 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-12-15 13:08 - 2014-07-25 19:12 - 00001792 _____ C:\ProgramData\Microsoft\Windows\Start Menu\24hPoker.lnk
2015-12-15 13:08 - 2014-07-02 16:36 - 00001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-06-14 19:21 - 00001120 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-05-18 20:21 - 00000295 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2015-12-15 13:08 - 2014-05-17 11:36 - 00001079 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerRanger.lnk
2015-12-15 13:08 - 2014-05-05 15:46 - 00001188 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
2015-12-15 13:08 - 2014-05-05 15:24 - 00000811 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2015-12-15 13:07 - 2015-10-12 19:18 - 00002180 _____ C:\Users\Daniel\Desktop\AusweisApp2.lnk
2015-12-15 12:04 - 2015-08-01 20:18 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-15 11:12 - 2014-10-20 17:34 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-14 22:26 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-12-14 22:20 - 2015-09-06 12:11 - 00000000 ____D C:\WINDOWS\Panther
2015-12-14 22:15 - 2015-10-30 20:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-14 19:15 - 2015-07-10 13:20 - 04962496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-14 14:22 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Skype
2015-12-14 14:22 - 2014-05-05 05:07 - 00000000 ____D C:\ProgramData\Skype
2015-12-14 14:19 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-14 12:55 - 2015-07-10 12:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-14 12:50 - 2014-11-03 18:25 - 00000000 ____D C:\Program Files\Andy
2015-12-14 11:44 - 2014-05-05 14:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-14 11:44 - 2014-05-05 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-14 11:43 - 2013-08-22 14:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-12-14 11:41 - 2014-05-10 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-14 11:40 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-14 11:40 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-14 11:39 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-14 11:38 - 2014-05-07 16:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-14 11:32 - 2014-05-07 16:59 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-14 09:46 - 2014-05-05 05:05 - 00000000 ___RD C:\Users\Daniel\OneDrive
2015-12-12 19:44 - 2014-06-14 19:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\PokerStars.EU
2015-12-09 04:39 - 2014-05-07 18:25 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-06 11:19 - 2014-05-05 05:06 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 11:19 - 2014-05-05 05:06 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-06 11:04 - 2014-08-16 21:42 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-06 11:04 - 2014-05-05 14:37 - 00000000 ____D C:\Users\Daniel\AppData\Local\AMD
2015-12-01 01:32 - 2015-10-03 15:01 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-10-03 15:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-27 21:25 - 2014-11-27 21:25 - 0004676 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2015-05-16 13:40 - 2015-05-16 13:40 - 0370070 _____ () C:\Users\Daniel\AppData\Local\SquareClock.Production_Home_KQ_WebIcon.ico
2015-02-13 17:03 - 2015-02-13 17:03 - 0000011 _____ () C:\ProgramData\.tv7
2014-05-05 15:24 - 2014-05-05 15:24 - 0558105 _____ () C:\ProgramData\1399299703.bdinstall.bin
2015-01-05 15:23 - 2015-01-05 15:23 - 0259192 _____ () C:\ProgramData\1420467746.bdinstall.bin
2015-02-08 16:01 - 2015-02-08 16:01 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-08-01 19:19 - 2015-08-01 19:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-09 18:17 - 2014-08-09 18:17 - 0005044 _____ () C:\ProgramData\flwjycbm.bab

Einige Dateien in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\prog.exe
C:\Users\Daniel\AppData\Local\Temp\tmp6407.exe
C:\Users\Daniel\AppData\Local\Temp\tmpF8DA.exe
C:\Users\Daniel\AppData\Local\Temp\Uninstall.exe
C:\Users\Daniel\AppData\Local\Temp\upd.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-14 22:04

==================== Ende von FRST.txt ============================
         
Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Daniel (2015-12-22 11:42:03)
Gestartet von C:\Users\Daniel\Desktop
Windows 10 Pro (X64) (2015-08-01 19:18:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2676936528-1030403693-891089861-500 - Administrator - Disabled)
BitBox (S-1-5-21-2676936528-1030403693-891089861-1013 - Limited - Enabled)
Daniel (S-1-5-21-2676936528-1030403693-891089861-1001 - Administrator - Enabled) => C:\Users\Daniel
DefaultAccount (S-1-5-21-2676936528-1030403693-891089861-503 - Limited - Disabled)
Gast (S-1-5-21-2676936528-1030403693-891089861-501 - Limited - Disabled)
Gl0ba_000 (S-1-5-21-2676936528-1030403693-891089861-1007 - Administrator - Enabled) => C:\Users\Gl0ba_000
HomeGroupUser$ (S-1-5-21-2676936528-1030403693-891089861-1003 - Limited - Enabled)
postgres (S-1-5-21-2676936528-1030403693-891089861-1006 - Limited - Enabled) => C:\Users\postgres

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\uTorrent) (Version: 3.4.2.39586 - BitTorrent Inc.)
24hPoker (HKLM-x32\...\24hPoker (Poker)) (Version: 16.6.2.11243 - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advanced WarCraft3 Configurator (remove only) (HKLM-x32\...\AWC) (Version:  - )
ALNO AG  Küchenplaner (HKLM-x32\...\{A89131FD-3D18-4DA8-84C8-622423011B51}_is1) (Version: 14a - ALNO AG)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Andy OS (HKLM-x32\...\Andy OS) (Version: 0.43 - Andy OS, Inc)
AusweisApp2 (HKLM-x32\...\{1C785E05-CFC7-43BE-9A52-9FB39C180CB8}) (Version: 1.2.2 - Governikus GmbH & Co. KG)
BandwidthStat (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\BandwidthStat) (Version: 1.0 - BandwidthStat)
Betfair.com Poker (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Betfair.com Poker) (Version:  - )
Betfair.com Poker (HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\Betfair.com Poker) (Version:  - )
BlueStacks App Player (HKLM-x32\...\{1996E857-C787-4205-B4FF-73FDB117DCED}) (Version: 2.0.1.5621 - BlueStack Systems, Inc.)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.1.4-r150 - Sirrix AG)
Business Card Designer Plus 11 (HKLM-x32\...\BCDP11_is1) (Version:  - CAM Development)
Camtasia Studio 8 (HKLM-x32\...\{419CEBE1-36E9-4AB2-8586-D6213AE28621}) (Version: 8.4.0.1699 - TechSmith Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
Coral Poker (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Coral Poker) (Version:  - )
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.3) (Version: 5.0.1.3 - Coupons.com Incorporated)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery)
DesignPro 5 (x32 Version: 5.5.708 - Avery) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.3.0 - devolo AG)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
EPSON SX410 Series Printer Uninstall (HKLM\...\EPSON SX410 Series) (Version:  - SEIKO EPSON Corporation)
etope Lister 2 (HKLM-x32\...\etope Lister_is1) (Version:  - Freshworx GmbH & Co.KG)
FileZilla Client 3.13.0 (HKLM-x32\...\FileZilla Client) (Version: 3.13.0 - Tim Kosse)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.18.3 - Androxyde)
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 5.22.10.WIN.FullTilt.EU - )
Genymotion version 2.4.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.4.0 - Genymobile)
GetFLV 9.6.2.9 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
ICCup Launcher (HKLM-x32\...\ICCup Launcher_is1) (Version: 1.6 - ICCup)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170600}) (Version: 1.7.0.600 - Oracle)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\SquareClock_Production_Home_KQ_Web) (Version:  - 3DVIA SAS)
LINE (HKLM-x32\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
MakeMKV v1.9.0 (HKLM-x32\...\MakeMKV) (Version: v1.9.0 - GuinpinSoft inc)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MouseRecorder v1.0.42 (HKLM-x32\...\MouseRecorder_is1) (Version: 1.0.42 - Bartels Media GmbH)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
Oracle VM VirtualBox 5.0.10_Sirrix (HKLM\...\{15DB0BEC-4D4B-4471-9E37-2FB454965C05}) (Version: 5.0.10 - Sirrix AG)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PokerRanger  (HKLM-x32\...\PokerRanger) (Version:  - Michael A. Voelkel)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version:  - )
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 beta r2211 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.9.201506301709 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarMoney (x32 Version: 4.0.8.25 - StarFinanz) Hidden
StarMoney 9.0  (HKLM-x32\...\{FCC4357A-A357-4909-B67D-4C713548A97F}) (Version: 9.0 - Star Finanz GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Twonky Server (HKLM-x32\...\TwonkyServer) (Version: 7.2.3.0 - PacketVideo)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version:  - Microsoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Winner Poker (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\winnerpoker) (Version:  - )
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2676936528-1030403693-891089861-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

22-12-2015 06:33:31 Geplanter Prüfpunkt

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-12-15 11:02 - 00004182 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.4
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 192.168.112.207
127.0.0.1 192.168.112.2o7.net
127.0.0.1 194.224.66.48 
127.0.0.1 199.7.52.190
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.54.72
127.0.0.1 199.7.54.72:80
127.0.0.1 209.34.83.67
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73:443
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 2o7.net
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.de
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.de
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com

Da befinden sich 83 zusätzliche Einträge.


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D4EE4C0-C7D6-4D3A-81E2-A19A5990EC0D} - System32\Tasks\SoftUpgrade => C:\Program Files (x86)\SoftUpgrade\softup.exe [2015-12-01] ()
Task: {10A445EC-5812-459B-AB19-3EDBC80EB37E} - System32\Tasks\{9049D845-5093-42F1-ABE4-823668FF2E6F} => pcalua.exe -a C:\Users\Daniel\Downloads\epson325480eu.exe -d C:\Users\Daniel\Downloads
Task: {19192A32-34DD-4A03-A38D-B888B0D8A4B5} - System32\Tasks\{04A1AFE4-B868-406E-980C-5285134DB7CD} => pcalua.exe -a "C:\Users\Daniel\Desktop\USB VCOM Driver\install_driver.exe" -d "C:\Users\Daniel\Desktop\USB VCOM Driver"
Task: {1A081C88-BE90-499C-A32A-2F72BBA8AE85} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-12] (Adobe Systems Incorporated)
Task: {25E7AED0-66D0-49C9-875F-3D90724BFD45} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {29BCDCEF-5D03-45D0-954F-BA95F786AA3D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {2C34182D-826A-4049-B023-E33E6C57A78D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-14] (Microsoft Corporation)
Task: {30720E03-8606-45DC-935D-0C6DDE2C60B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {31CB0D50-2B69-4633-8AC6-3BB1A9A369C0} - System32\Tasks\AdobeAAMUpdater-1.0-Globality-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {3E3A08A1-4A29-4FFB-AD24-2E2A7E937FFB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4ADC82BA-5D20-44A9-A007-49384C560CD7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5071EA31-FC77-4ACA-8EFC-E26A6A297D54} - \SmartWeb Upgrade Trigger Task -> Keine Datei <==== ACHTUNG
Task: {51830C57-7B39-4137-8081-94A14D0093E2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5DE863B4-E0C5-4E86-9F52-801FA2B6210D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {65D9614B-71AB-4FA3-9710-7CBA1509B463} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {6A60CB4C-7828-489A-8839-75C6BA3B4281} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {6C87DDAE-46B3-4972-A2C3-5DD8D40ED8BA} - System32\Tasks\Ahonaradra => C:\ProgramData\Ahonaradra\1.0.7.1\vlotifox.exe
Task: {6E5102ED-DE5B-444E-81FD-40CDD6DCD691} - \SwiftSearch Auto Updater 1.10.0.25 Core -> Keine Datei <==== ACHTUNG
Task: {80016EDB-E276-499C-B2E8-CE4CEDD252AE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {8349288D-1F49-4203-BBB2-AE5A3099B1A5} - System32\Tasks\spw3016 => C:\Program Files (x86)\QuickSearch\spw3016.exe [2015-12-01] () <==== ACHTUNG
Task: {913B0182-B33B-4682-B8E9-F4E0C9B0C022} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B0677499-1F3A-4830-A73C-686C8F60B2B6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B2C027EB-4715-4128-B2E2-153DB2C21BD2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B616205F-BEC7-43E0-9210-2459C73CE583} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {B7A31BED-B7FF-44A2-8968-F05FA6EAB4C6} - \SwiftSearch Auto Updater 1.10.0.25 Pending Update -> Keine Datei <==== ACHTUNG
Task: {E45D9012-778B-4B8C-ACDF-FA1D5D205CC7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {E6C20D06-5920-4CB4-96E0-906A774B8027} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E850C883-1B0B-4502-9D71-7351BB937B6D} - System32\Tasks\WOXRGHDNAFGIQKGK => C:\ProgramData\Service1104\Service1104.exe <==== ACHTUNG
Task: {F2DDDD76-1783-4D8E-9127-CF6A50B82B7E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FCEBFB6A-284A-4798-8AC3-F59C9FB85904} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-05-05] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WOXRGHDNAFGIQKGK.job => C:\ProgramData\Service1104\Service1104.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-01 20:12 - 2015-08-01 20:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-15 20:39 - 2015-07-15 20:39 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-08-19 08:53 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-05-23 14:57 - 2013-05-23 14:57 - 00885576 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
2013-05-23 14:58 - 2013-05-23 14:58 - 02204488 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
2015-10-01 02:38 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-01 21:15 - 2015-12-01 21:15 - 00058684 _____ () C:\Program Files (x86)\QuickSearch\spw3016.exe
2015-10-01 02:38 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-07-16 10:06 - 2014-07-16 10:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2015-10-01 02:38 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-12 19:59 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-12 19:58 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-12 19:59 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 02:38 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-07-10 16:29 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2013-12-23 08:07 - 2013-12-23 08:07 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2013-12-23 08:07 - 2013-12-23 08:07 - 00793784 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2013-12-23 08:04 - 2013-12-23 08:04 - 00025088 _____ () C:\Program Files\Rainmeter\Plugins\QuotePlugin.dll
2015-07-15 20:38 - 2015-07-15 20:38 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2010-12-23 11:06 - 2010-12-23 11:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 15:20 - 2012-10-27 15:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 15:22 - 2012-10-27 15:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 15:23 - 2012-10-27 15:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2014-06-30 16:03 - 2014-06-30 16:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2015-12-15 11:33 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-08-16 17:59 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2013-05-23 14:58 - 2013-05-23 14:58 - 00222024 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\wmdrmdll.dll
2014-05-05 05:11 - 2014-02-18 09:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2014-05-05 05:11 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2015-12-22 11:31 - 2015-12-22 11:31 - 00013824 _____ () C:\WINDOWS\TEMP\nst7B7B.tmp\UAC.dll
2015-12-22 11:31 - 2015-12-22 11:31 - 00011264 _____ () C:\WINDOWS\TEMP\nst7B7B.tmp\System.dll
2015-12-22 11:31 - 2015-12-22 11:31 - 00006656 _____ () C:\WINDOWS\TEMP\nst7B7B.tmp\nsExec.dll
2015-12-22 11:31 - 2015-12-22 11:31 - 00011264 _____ () C:\WINDOWS\TEMP\nsoADD6.tmp\System.dll
2014-07-10 16:29 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-07-10 16:29 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 13:54 - 2011-07-07 13:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-07-10 16:29 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-03-23 18:19 - 2015-03-23 18:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-06-24 16:46 - 2015-06-24 16:46 - 00801792 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2015-08-18 03:20 - 2015-08-18 03:20 - 03129368 _____ () C:\Program Files (x86)\Naver\LINE\ampkit_windows.dll
2015-07-03 06:44 - 2015-07-03 06:44 - 00123416 _____ () C:\Program Files (x86)\Naver\LINE\PlayerHelper.dll
2015-11-25 20:18 - 2015-11-25 20:18 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2014-07-03 05:45 - 2014-07-03 05:45 - 32733056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-12-10 17:55 - 2015-12-14 12:54 - 03287552 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
2015-08-15 13:42 - 2015-08-15 13:42 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-12-17 19:38 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 19:38 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2014-07-03 05:45 - 2014-07-03 05:45 - 00742784 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-07-03 05:45 - 2014-07-03 05:45 - 00136576 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2015-12-17 19:38 - 2015-12-11 04:54 - 16573256 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Daniel\Downloads\24hpoker.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\awc117_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\bcdp115_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\dotNetFx40_Full_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\dotNetFx45_Full_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Downloader_StarCraft_Combo_enGB (1).exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Downloader_StarCraft_Combo_enGB.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\driver_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup Stub 29.0.1 (1).exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup Stub 29.0.1.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Rainmeter-3.1-r2211-beta.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Rainmeter-3.2-r2302-beta.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\TeamViewer_Setup_de.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\UnstopCpy_5_2_Win2K_UP_Setup.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\127.0.0.1 -> hxxp://127.0.0.1

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2676936528-1030403693-891089861-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{86B94AA2-1974-4259-8623-74A89B26E90A}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{71F2C407-7331-498A-8426-B24F465AF5A6}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [UDP Query User{9697C13A-ACF0-42FA-8DB3-DE00CB791229}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Block) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe
FirewallRules: [TCP Query User{9B4EAA87-D5D7-4BC5-BBC8-3A1F66080E5C}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Block) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe
FirewallRules: [{A319014D-7C7C-4E14-8393-C7EBD13B7853}] => (Block) C:\program files\graphisoft\archicad 18\archicad.exe
FirewallRules: [{5DCE1293-AA8A-404E-9998-9C7D4E9EB905}] => (Block) C:\program files\graphisoft\archicad 18\archicad.exe
FirewallRules: [UDP Query User{371F79D9-44DB-460C-AFD1-22AD1EC9F1BF}C:\program files\graphisoft\archicad 18\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 18\archicad.exe
FirewallRules: [TCP Query User{EE847DFA-BE7C-447E-B474-1FF81C73F2C9}C:\program files\graphisoft\archicad 18\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 18\archicad.exe
FirewallRules: [{700DB8D3-9D38-4913-B53C-0DCFF12CB592}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0CC39448-9F53-499A-B508-89E338783018}] => (Allow) C:\Users\Daniel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C969DC84-6A5C-4189-A0B9-09DEF39A2E3B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{4FFC1C3F-C2AE-41A6-8185-96D1ACEC7286}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{651E66C8-FD77-4885-81EA-AC43378DD3BA}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{7B85E5A8-2D27-4A7F-BD7E-BC73BF4163E9}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{88DF49BF-3580-4919-97C1-E88AFF860949}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{926FC48E-ED8B-4C92-955B-296B61E925CE}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{1E8F8E48-947E-4D1F-9068-A487FE2A088B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{20323385-D02A-4647-B859-64512D6ED1F4}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{087A2D3F-6CA3-4E74-8498-EEDFF4CF783F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{60A11106-7FC4-457A-95C0-2C8D4199C1E9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E9E12CB3-9DE9-4FF7-89B2-09F9CEDF9BD0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{115CCC81-9BE7-4D9A-B145-080EF6C055B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EF5F2587-BAAB-4B16-AF91-609239231B84}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{987743EB-BBBE-4F9F-93BA-D70A431B2D4D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2A267BE3-3D53-4E9C-848F-061DDC151FF9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{762FD712-99A1-403C-8D3E-67711B412F9A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{CF0A6A64-9D00-43CA-83E2-DC5C6649F833}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{8EE06146-EB7F-4182-812B-C3D9EC267CF1}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{F7128546-8018-486F-9004-ACB69A65E116}] => (Block) C:\program files\andy\andy.exe
FirewallRules: [{6F7ABD7C-F397-4D1A-8BE8-DC0515F2A5AE}] => (Block) C:\program files\andy\andy.exe
FirewallRules: [UDP Query User{A3A97F3F-9A93-4F57-A1B7-36940B9C2874}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [TCP Query User{045EB7DF-B275-49C5-BA6B-428D73C6739D}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [{7AFFC66C-03DA-437C-8AB2-48E419AFDCA6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{449501B3-39B2-4FB6-800B-6CD6DF00CF6C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90A1DF2C-EAC0-4B84-89A4-F662CA37FFDA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{869BF00F-C079-4E88-9776-1A1A602DBEAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{F141D448-2942-4F05-8703-8CF696BB6C17}C:\scbw\starcraft\starcraft.exe] => (Allow) C:\scbw\starcraft\starcraft.exe
FirewallRules: [TCP Query User{107F0B01-CB89-4B7F-B9E6-96BAF3571466}C:\scbw\starcraft\starcraft.exe] => (Allow) C:\scbw\starcraft\starcraft.exe
FirewallRules: [UDP Query User{AE6272D1-2450-4706-9C56-ABE0741995E6}C:\users\daniel\downloads\downloader_starcraft_combo_engb (1).exe] => (Allow) C:\users\daniel\downloads\downloader_starcraft_combo_engb (1).exe
FirewallRules: [TCP Query User{4BF3D7B6-2760-46E7-9F46-EAA1479759EA}C:\users\daniel\downloads\downloader_starcraft_combo_engb (1).exe] => (Allow) C:\users\daniel\downloads\downloader_starcraft_combo_engb (1).exe
FirewallRules: [{E6AC2223-4DF5-4F90-9EA9-491D258D5E83}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{33B49934-626B-4C3F-A78D-74BD348957E2}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{EA5CD453-3965-4133-86B6-0C000AF66A79}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{1C40D6DB-86B4-40F9-BC4F-105E6472D27B}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [UDP Query User{C1B01E16-EF99-4E1A-A864-6DAFAC4E5798}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5D1CAF32-8957-4158-B3BE-D51582AB2CDC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{DF33C812-2F04-4249-A019-39D66D66E102}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{99695F8E-713E-405B-ADA2-A7C1891ECECE}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{8E1AE219-EBA9-4EFD-8FFA-223411B4EBC3}] => (Allow) LPort=8317
FirewallRules: [{776219E5-631E-46EA-8176-420BCE2E3E57}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9B303E96-9E5E-4AF3-A676-55EAB07ADE03}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{15AFCDCC-5415-41DF-84A6-D7CEA5CE907D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{00FE9CCC-9E80-4932-B040-921CE05C4CD6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C6817A1E-5A06-4512-BCD0-3D5F4FE632AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1FFD8D93-168C-48E9-9FA7-DA75D40EEBD5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{DB5E0589-EB8B-4178-A438-CEBB55E965C5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0D070EA1-F417-4FCF-ADD5-C44F463377AC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F7BE67E2-C360-4C22-AA77-B34EFAA51D95}] => (Allow) LPort=5432
FirewallRules: [UDP Query User{FB63639D-4AE2-498F-A6C2-CC670BB39AFA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1D292F57-6542-46C2-81A4-6CFA258848F0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{472B1D19-BE19-4606-8C99-B557FEF56F58}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{0623A238-71BD-432F-B885-2E66DC4792F1}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{B217765B-9617-4A35-AC0A-A06D8094D9A9}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{F7D88F94-E186-4887-ADF7-F8DC73A7D534}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.2.2\AusweisApp2.exe
FirewallRules: [{8F64E530-817E-484F-836C-3C21038E9BB3}] => (Allow) C:\Users\Daniel\AppData\Local\Temp\Andy_45.5_x64\Setup.exe
FirewallRules: [{05E027AC-CF5F-4CB0-AF52-C1AF6B5385FD}] => (Allow) C:\Users\Daniel\AppData\Local\Temp\Andy_45.5_x64\Setup.exe
FirewallRules: [{B469A0FF-D98A-4C1D-AC14-08D0015304E8}] => (Allow) C:\Program Files (x86)\MouseRecorder\MouseRecorder.exe
FirewallRules: [{709E234E-C596-4BB0-B5A4-DD9B879BD223}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{13CDA863-80DD-487B-B2A1-DB8BF68E62F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{08DB7FE4-AE52-4F82-9111-2AC13B3561F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CBCAC336-34FB-4FBD-B567-A0A04984BD0E}] => (Allow) %ProgramFiles% (x86)\Sirrix AG\BitBox\bin\BitBoxClient.exe
FirewallRules: [{7764F249-3B76-428C-9BB9-1A1A949F4AF4}] => (Allow) %ProgramFiles% (x86)\Sirrix AG\BitBox\bin\BitBoxClient.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/22/2015 11:32:20 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (12/22/2015 11:32:20 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/22/2015 11:32:20 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (12/22/2015 11:32:20 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (12/22/2015 11:32:20 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (12/22/2015 11:32:20 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (12/22/2015 11:32:20 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (12/22/2015 11:09:05 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (12/22/2015 11:09:05 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/22/2015 11:09:05 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 


Systemfehler:
=============
Error: (12/22/2015 11:34:33 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/22/2015 11:32:06 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 11:32:06 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 11:32:03 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 11:32:03 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 11:32:02 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 11:32:02 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 11:31:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎22.‎12.‎2015 um 11:29:17 unerwartet heruntergefahren.

Error: (12/22/2015 11:30:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "BlueStacks Updater Service" wurde nicht richtig gestartet.

Error: (12/22/2015 11:27:35 AM) (Source: DCOM) (EventID: 10010) (User: Globality)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


CodeIntegrity:
===================================
  Date: 2015-12-21 10:25:12.441
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 13:30:38.676
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 13:30:33.747
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 13:29:35.352
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 13:29:22.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 12:28:26.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 12:28:25.986
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 12:27:44.183
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-15 22:15:40.448
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-15 16:38:57.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A8-5600K APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 7630.72 MB
Verfügbarer physikalischer RAM: 4186.16 MB
Summe virtueller Speicher: 8846.72 MB
Verfügbarer virtueller Speicher: 4913.74 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.45 GB) (Free:2.85 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:72.16 GB) NTFS
Drive e: (Daniela&Daniel) (CDROM) (Total:0.2 GB) (Free:0 GB) UDF
Drive g: () (Fixed) (Total:465.76 GB) (Free:42.58 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: DD2BA3CD)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6BFA1C83)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7DECB287)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 22.12.2015, 16:38   #2
Deathkid535
/// Malwareteam
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam





Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen.

Bitte beachte, dass es ein paar Regeln gibt:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte, unterbreche deine Arbeit, poste die entstandenen Logs und schildere dieses so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools welche hier im Thread erwähnt werden
  • Antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen

Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM!

Kannst du mal bitte das Log von Malwarebytes posten?
__________________

__________________

Alt 22.12.2015, 16:40   #3
Global82
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Guten Abend,
vielen Dank und hier ist der Log:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 22.12.2015
Suchlaufzeit: 11:14
Protokolldatei: Malwarebyte.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.22.02
Rootkit-Datenbank: v2015.12.18.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Daniel

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 473103
Abgelaufene Zeit: 12 Min., 15 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 38
PUP.Optional.Komodia, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zcwfp, In Quarantäne, [ea301d8ba8e3bb7b190e378c58a929d7], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataContainer, In Quarantäne, [69b1f4b44b40c86e5847ee207b897d83], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataContainer.1, In Quarantäne, [60ba74343853de58ced116f8a85c39c7], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataController, In Quarantäne, [65b5c3e584070f27fea1a36b15ef52ae], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataController.1, In Quarantäne, [8199b7f1dbb0be78851a68a6be46be42], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataTable, In Quarantäne, [67b34167c2c90d29cfd0d33b689caf51], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataTable.1, In Quarantäne, [0e0cfaae5734cc6a514ea96535cfb749], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataTableFields, In Quarantäne, [f7230a9e2368063069369b73dc28fd03], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataTableFields.1, In Quarantäne, [ef2b2f79a9e2d4629e017896798b19e7], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataTableHolder, In Quarantäne, [a3777533a5e6b97d5946050964a0dc24], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.DataTableHolder.1, In Quarantäne, [58c2f7b1b1da55e1f5aa6aa490743ec2], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.LSPLogic, In Quarantäne, [5ebca602a2e980b62778eb23fc085ea2], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.LSPLogic.1, In Quarantäne, [b169a80058339c9a4857b15dc24236ca], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.ReadOnlyManager, In Quarantäne, [d4466c3c800ba09677286ea00004f709], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.ReadOnlyManager.1, In Quarantäne, [5fbbe3c5c8c343f3029db25cf311c33d], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.WFPController, In Quarantäne, [cf4b971113787fb7306fbf4fb94b8b75], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\zcengineLib.WFPController.1, In Quarantäne, [1bffeabe1378e94de2bd0d014fb55ea2], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\APPID\zcengine.EXE, In Quarantäne, [8b8f7830fb90063098069b73fe06c33d], 
PUP.Optional.Komodia, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\zcengine.EXE, In Quarantäne, [46d405a37813dd592b7310fe09fb8c74], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataContainer, In Quarantäne, [f82255533952ab8b9d0237d718ec966a], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataContainer.1, In Quarantäne, [3ae07e2a95f637ff732c8b8360a4d927], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataController, In Quarantäne, [64b60e9a2e5d86b0d4cbdb33cc38d62a], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataController.1, In Quarantäne, [af6b8127c3c8b77f683732dc19eb08f8], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataTable, In Quarantäne, [a773c5e3c3c8b086fda245c99272ee12], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataTable.1, In Quarantäne, [809abdeb008bf640f0afba546f958878], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataTableFields, In Quarantäne, [fe1ce6c2206b92a47c23f816f50f9c64], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataTableFields.1, In Quarantäne, [8496f1b726657eb8752a27e73fc56898], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataTableHolder, In Quarantäne, [c9516c3c454644f2c3dcae60ec18fc04], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.DataTableHolder.1, In Quarantäne, [f72385238209aa8c039c8b83ff05738d], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.LSPLogic, In Quarantäne, [9684bbedef9c74c2b9e67995ae56cb35], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.LSPLogic.1, In Quarantäne, [5bbf4662365581b5722d6aa4679dd32d], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.ReadOnlyManager, In Quarantäne, [ee2c04a4b1da37ff9906d7371de78080], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.ReadOnlyManager.1, In Quarantäne, [d3472088cbc08caa9f007b9332d2b848], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.WFPController, In Quarantäne, [ef2bb4f41a71da5c9f00a36b8c78ac54], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\zcengineLib.WFPController.1, In Quarantäne, [5ac0f0b8d6b5b185841b20eebd471ee2], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\zcengine.EXE, In Quarantäne, [e8326345e5a63cfaf2accd41fe0619e7], 
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\QUICKSEARCH, In Quarantäne, [32e84464810aa1959907a965ad57cc34], 
PUP.Optional.Komodia, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zcengine, In Quarantäne, [899105a38cff49ede1c02fdf3cc87789], 

Registrierungswerte: 1
PUP.Optional.Komodia, HKLM\SOFTWARE\WOW6432NODE\QUICKSEARCH|affid, 1123, In Quarantäne, [32e84464810aa1959907a965ad57cc34]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 11
PUP.Optional.Komodia, C:\Windows\System32\drivers\zcwfp64.sys, Löschen bei Neustart, [ea301d8ba8e3bb7b190e378c58a929d7], 
PUP.Optional.Komodia.WnskRST, C:\Program Files (x86)\QuickSearch\zcengine.dll, In Quarantäne, [22f896123c4fb086a4841da6966be61a], 
PUP.Optional.Komodia.WnskRST, C:\Program Files (x86)\QuickSearch\zcengine64.dll, In Quarantäne, [bf5bc1e7ccbf2e0886a27350966bcb35], 
PUP.Optional.Komodia, C:\Program Files (x86)\QuickSearch\zcinstaller.exe, In Quarantäne, [50cad6d291fadd59cb5cbc0728d95aa6], 
PUP.Optional.Komodia, C:\Program Files (x86)\QuickSearch\zcwfp.sys, In Quarantäne, [52c877319eed3006171007bcca37f60a], 
PUP.Optional.Komodia, C:\Program Files (x86)\QuickSearch\zcwfp64.sys, In Quarantäne, [cd4dc9df4a4150e6fd2a5172fc050af6], 
PUP.Optional.Komodia.WnskRST, C:\Windows\System32\zcengine64.dll, Löschen bei Neustart, [be5c8127b7d4b482c761ffc4e41d06fa], 
PUP.Optional.Komodia.WnskRST, C:\Windows\SysWOW64\zcengine.dll, Löschen bei Neustart, [1ffbfaaea3e8b87e91973f84bc45916f], 
PUP.Optional.Komodia, C:\Users\Daniel\AppData\Local\Temp\zcengine.log, In Quarantäne, [58c2a4042c5f24129eff23eb020256aa], 
PUP.Optional.Komodia, C:\Windows\Temp\zcengine.log, In Quarantäne, [ec2e6741e9a2b97d613c4dc114f0c739], 
PUP.Optional.Komodia, C:\Program Files (x86)\QuickSearch\zcengine.exe, In Quarantäne, [899105a38cff49ede1c02fdf3cc87789], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
__________________

Alt 22.12.2015, 16:43   #4
Deathkid535
/// Malwareteam
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Hi,

zuerst muss mal das gecrackte Adobe-Zeugs runter, danach ein frisches FRST-Log mit Additions posten.

Alt 22.12.2015, 17:24   #5
Global82
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



So, nun ist hoff ich alles weg. Danke dir

FRST.txt

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Daniel (Administrator) auf GLOBALITY (22-12-2015 18:21:56)
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel & postgres (Verfügbare Profile: Daniel & postgres & Gl0ba_000)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxClient.exe" start "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files (x86)\QuickSearch\spw3016.exe
(Joan Abner) C:\Program Files (x86)\QuickSearch\uninstall.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Internet Monitor) C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.213.644.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883280 2015-12-10] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Line] => C:\Program Files (x86)\Naver\LINE\Line.exe [15664152 2015-08-18] (LINE Corporation)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [BandwidthStat] => C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe [569344 2015-12-15] (Internet Monitor)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2015-12-15]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-12-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-12-15]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c3d2b33a-5f1a-4bce-8c16-a5ea94bc6a72}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
URLSearchHook: HKU\S-1-5-21-2676936528-1030403693-891089861-1001 - (Kein Name) - {EB6628CF-0675-4DAE-95CE-EFFA23169743} - Keine Datei
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-24] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-24] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-09] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default
FF NewTab: about:newtab
FF DefaultSearchEngine: MyStart
FF Homepage: hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-12] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-10-02] (Coupons, Inc.)
FF Extension: Flash and Video Download - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-12]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\artur.dubovoy@gmail.com [2015-12-12]
FF Extension: FireFTP - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-12-12]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google*Übersetzer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (FTP Free) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdgcfaoankkonoiichmblcfijkomfbn [2014-09-27]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-01-14]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-16]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Video Downloader [FVD]) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-05-09]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2015-01-16]
CHR Extension: (Codeanywhere) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndcfkjjcjfpmmhdedhnbkknbehiadgjg [2014-05-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2015-11-13] (Sirrix AG) [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432720 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412240 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854608 2015-12-10] (BlueStack Systems, Inc.)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [179184 2014-10-15] (Coupons.com Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3645432 2014-07-18] (devolo AG)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [885576 2013-05-23] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-05-23] (PacketVideo)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-12-10] (BlueStack Systems)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-15] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-22] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194816 2015-11-11] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-22 18:21 - 2015-12-22 18:21 - 00021460 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-12-22 18:20 - 2015-12-22 18:00 - 00001283 ____N C:\WINDOWS\system32\Drivers\etc\hosts_bkup
2015-12-22 18:15 - 2015-12-22 18:15 - 06708416 _____ (Adobe System Incorporated.) C:\Users\Daniel\Downloads\AdobeCreativeCloudCleanerTool.exe
2015-12-22 17:54 - 2015-12-22 17:54 - 00016148 _____ C:\WINDOWS\system32\GLOBALITY_Daniel_HistoryPrediction.bin
2015-12-22 12:01 - 2015-12-22 12:01 - 00007493 _____ C:\Users\Daniel\Desktop\Malwarebyte.txt
2015-12-22 11:49 - 2015-12-22 11:50 - 00000532 _____ C:\Users\Daniel\Desktop\Neues Textdokument.txt
2015-12-22 11:37 - 2015-12-22 18:21 - 00000000 ____D C:\FRST
2015-12-22 11:36 - 2015-12-22 11:37 - 02370560 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-12-21 14:28 - 2015-12-21 14:28 - 00514327 _____ C:\Users\Daniel\Desktop\20151221.pdf
2015-12-21 14:24 - 2015-12-21 14:24 - 00000000 ____D C:\ProgramData\ATI
2015-12-21 11:16 - 2015-12-21 11:16 - 00036520 _____ C:\Users\Daniel\Documents\arena.mrf
2015-12-21 10:28 - 2015-12-21 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-21 10:26 - 2015-12-21 10:27 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-12-21 10:25 - 2015-12-21 10:25 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 39720944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 30775792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08982432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00631792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00130064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00110320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00089584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-12-20 20:56 - 2015-12-20 20:56 - 00478062 _____ C:\Users\Daniel\Desktop\20151220.pdf
2015-12-20 17:19 - 2015-12-22 11:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 13:28 - 2015-12-21 14:29 - 00283623 _____ C:\Users\Daniel\Desktop\Dienstplan_TV_Cannstatt.xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-18 10:57 - 2015-12-18 11:03 - 606692048 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.chrome.Archive.exe
2015-12-18 10:41 - 2015-12-19 19:28 - 00000222 _____ C:\Users\Daniel\Desktop\nicht angreiffen.txt
2015-12-18 10:36 - 2015-12-18 10:36 - 00617444 _____ C:\Users\Daniel\Downloads\Browser-in-the-Box_Benutzerhandbuch.pdf
2015-12-16 15:10 - 2015-12-16 15:10 - 00025360 _____ C:\Users\Daniel\Documents\far-Flung Prairie.mrf
2015-12-15 21:23 - 2015-12-15 21:23 - 00034360 _____ C:\Users\Daniel\Documents\nightfall swamp.mrf
2015-12-15 18:10 - 2015-12-15 18:11 - 21852240 _____ C:\Users\Daniel\Downloads\Smoothies.rar
2015-12-15 17:33 - 2015-12-15 17:33 - 00280112 _____ C:\WINDOWS\Minidump\121515-9359-01.dmp
2015-12-15 15:47 - 2015-12-15 15:47 - 00006660 _____ C:\Users\Daniel\Downloads\Rechnung Nr. 15005998.pdf
2015-12-15 13:56 - 2015-12-15 13:56 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1) (1).pdf
2015-12-15 13:53 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1).pdf
2015-12-15 13:52 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung.pdf
2015-12-15 13:36 - 2015-12-15 13:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Sirrix AG
2015-12-15 13:35 - 2015-12-15 13:35 - 00211398 _____ C:\Users\Daniel\Desktop\kündigung strom.pdf
2015-12-15 13:26 - 2015-12-18 11:04 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-18 11:04 - 00001320 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-15 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\ProgramData\Sirrix AG
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2015-12-15 13:21 - 2015-12-15 13:21 - 00000000 ____D C:\Program Files\Oracle
2015-12-15 13:14 - 2015-12-15 13:19 - 565717248 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.firefox.Archive.exe
2015-12-15 13:12 - 2015-12-17 19:43 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-15 13:11 - 2015-12-15 13:11 - 00927824 _____ (Google Inc.) C:\Users\Daniel\Downloads\ChromeSetup (1).exe
2015-12-15 12:47 - 2015-12-15 12:47 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form (1).pdf
2015-12-15 12:44 - 2015-12-15 12:45 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form.pdf
2015-12-15 12:28 - 2015-12-15 12:36 - 24149323 _____ C:\Users\Daniel\Downloads\Malwarebytes Anti-Malware Premium 2.2.0.1024.rar
2015-12-15 12:21 - 2015-12-22 17:54 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-15 12:20 - 2015-12-15 13:10 - 00001165 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-15 12:17 - 2015-12-15 12:18 - 22908888 _____ (Malwarebytes ) C:\Users\Daniel\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-15 12:09 - 2015-12-15 12:09 - 00003530 _____ C:\WINDOWS\System32\Tasks\Ahonaradra
2015-12-15 12:02 - 2015-12-15 12:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\systweak
2015-12-15 12:02 - 2015-11-20 19:27 - 00019888 _____ C:\WINDOWS\system32\roboot64.exe
2015-12-15 12:01 - 2015-12-15 12:01 - 00003774 _____ C:\WINDOWS\System32\Tasks\SoftUpgrade
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Program Files (x86)\SoftUpgrade
2015-12-15 11:58 - 2015-12-22 18:03 - 00000364 ____H C:\WINDOWS\Tasks\WOXRGHDNAFGIQKGK.job
2015-12-15 11:58 - 2015-12-15 12:24 - 00000000 ____D C:\ProgramData\Service1104
2015-12-15 11:58 - 2015-12-15 11:58 - 00003442 _____ C:\WINDOWS\System32\Tasks\WOXRGHDNAFGIQKGK
2015-12-15 11:58 - 2015-12-15 11:58 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2015-12-15 11:57 - 2015-12-15 11:57 - 00275717 _____ C:\Users\Daniel\Documents\151210 Rechnung_Lingel.pdf
2015-12-15 11:35 - 2015-12-15 11:35 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-12-15 11:34 - 2015-12-15 11:34 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2015-12-15 11:34 - 2015-12-15 11:34 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2015-12-15 11:34 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-12-15 11:34 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-12-15 11:33 - 2015-12-22 11:52 - 00000000 ____D C:\ProgramData\ProductData
2015-12-15 11:33 - 2015-12-15 11:41 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\IObit
2015-12-15 11:33 - 2015-12-15 11:40 - 00000000 ____D C:\ProgramData\IObit
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ProductData
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\IObit
2015-12-15 11:32 - 2015-12-15 11:41 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-15 11:32 - 2015-12-15 11:32 - 30003568 _____ (IObit ) C:\Users\Daniel\Downloads\IObit-Malware-Fighter-Setup3409.exe
2015-12-15 11:16 - 2015-12-15 11:16 - 17529025 _____ C:\Users\Daniel\Documents\151210 Rechnung Lingel.pdf
2015-12-15 11:11 - 2015-12-15 11:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\cpuminer
2015-12-15 11:11 - 2015-12-15 11:58 - 00000008 _____ C:\END
2015-12-15 11:11 - 2015-12-15 11:11 - 00003160 _____ C:\WINDOWS\System32\Tasks\spw3016
2015-12-15 11:10 - 2015-12-22 17:54 - 00000000 ____D C:\Program Files (x86)\QuickSearch
2015-12-15 11:09 - 2015-12-15 12:58 - 00000000 ____D C:\Users\Daniel\AppData\Local\SmartWeb
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Opera Software
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\Opera Software
2015-12-15 11:04 - 2015-12-15 11:05 - 17231872 _____ C:\Users\Daniel\Downloads\epson374980eu.exe
2015-12-15 11:03 - 2015-12-15 13:04 - 00000000 ____D C:\Program Files (x86)\03000200-1450173802-0500-0006-000700080009
2015-12-15 11:03 - 2015-12-15 11:02 - 00004182 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-12-15 11:02 - 2015-12-15 13:07 - 00000306 __RSH C:\Users\Daniel\ntuser.pol
2015-12-15 11:02 - 2015-12-15 13:07 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-12-15 11:01 - 2015-12-15 11:01 - 00003294 _____ C:\WINDOWS\System32\Tasks\{9049D845-5093-42F1-ABE4-823668FF2E6F}
2015-12-15 10:59 - 2015-12-15 10:59 - 12793856 _____ C:\Users\Daniel\Downloads\epson325480eu.exe
2015-12-15 10:57 - 2015-12-15 10:57 - 25198592 _____ C:\Users\Daniel\Downloads\epson324666eu.dmg
2015-12-14 20:52 - 2015-12-14 20:52 - 00030000 _____ C:\Users\Daniel\Documents\13.mrf
2015-12-14 14:28 - 2015-12-14 14:32 - 00027280 _____ C:\Users\Daniel\Documents\sunshine beach.mrf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116.pdf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116 (1).pdf
2015-12-14 14:22 - 2015-12-14 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-14 14:22 - 2015-12-14 14:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-14 14:11 - 2015-12-14 14:15 - 11692510 _____ C:\Users\Daniel\Downloads\GLGzFAmSSuC(zA.rar
2015-12-14 14:05 - 2015-12-14 14:15 - 32280461 _____ C:\Users\Daniel\Downloads\Nicht bestätigt 522240.crdownload
2015-12-14 13:48 - 2015-12-14 13:48 - 00030280 _____ C:\Users\Daniel\Documents\Climbing Olympus.mrf
2015-12-14 13:20 - 2015-12-15 16:21 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\Program Files (x86)\MouseRecorder
2015-12-14 13:19 - 2015-12-14 13:21 - 02467080 _____ (Bartels Media GmbH ) C:\Users\Daniel\Downloads\MouseRecorderSetup1042.exe
2015-12-14 13:17 - 2015-12-14 13:17 - 02331531 _____ C:\Users\Daniel\Downloads\MRP276Setup.zip
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\Documents\My Recorded Scripts
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder Pro
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\Nemex
2015-12-14 13:09 - 2015-12-14 13:09 - 02332069 _____ C:\Users\Daniel\Downloads\mrp275setup.zip
2015-12-14 13:01 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup (1).exe
2015-12-14 12:55 - 2015-12-15 13:10 - 00001682 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-15 13:08 - 00001742 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup.exe
2015-12-14 12:55 - 2015-12-14 12:55 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2015-12-14 12:54 - 2015-12-14 12:54 - 00000000 ____D C:\Users\Daniel\AppData\Local\fabi.me
2015-12-14 12:53 - 2015-12-14 12:55 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:54 - 00000000 ____D C:\ProgramData\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:53 - 00094899 _____ C:\Users\Daniel\Downloads\SpeedAutoClicker.zip
2015-12-14 12:46 - 2015-12-14 12:47 - 308301520 _____ (BlueStack Systems Inc.) C:\Users\Daniel\Downloads\BlueStacks2-Installer_native.exe
2015-12-12 19:59 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-12 19:59 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-12 19:59 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-12 19:59 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-12 19:59 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-12 19:59 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-12 19:59 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-12 19:59 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-12 19:59 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-12 19:59 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-12 19:59 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-12 19:59 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-12 19:59 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-12 19:58 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-12 19:58 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-12 19:58 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-12 19:58 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-12 19:58 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-12 19:58 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-12 19:58 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-12 19:58 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-12 19:58 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-12 19:58 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-12 19:58 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-12 19:58 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-12 19:58 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-12 19:58 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1.zip
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1 (1).zip
2015-12-06 18:49 - 2015-12-06 18:49 - 04397665 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab (1).zip
2015-12-06 18:48 - 2015-12-06 18:48 - 01142560 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab.zip
2015-12-06 18:19 - 2015-12-06 18:19 - 03984004 _____ C:\Users\Daniel\Downloads\Bewerbung_Erzieherin_Daniele_Maier.pdf
2015-12-06 18:06 - 2015-12-06 18:06 - 00291489 _____ C:\Users\Daniel\Downloads\20151127131614271.pdf
2015-12-06 17:50 - 2015-12-06 17:50 - 00109513 _____ C:\Users\Daniel\Desktop\Anmeldung.pdf
2015-12-03 18:29 - 2015-12-03 18:29 - 00169351 _____ C:\Users\Daniel\Downloads\WAZ.pdf
2015-11-30 21:32 - 2015-11-30 21:32 - 00064681 _____ C:\Users\Daniel\Downloads\Rückseite.pdf
2015-11-30 21:31 - 2015-11-30 21:31 - 00064681 _____ C:\Users\Daniel\Desktop\Rückseite.pdf
2015-11-30 21:29 - 2015-11-30 21:29 - 00032176 _____ C:\Users\Daniel\Desktop\Vorderseite.pdf
2015-11-30 21:25 - 2015-11-30 21:25 - 04889088 _____ C:\Users\Daniel\Downloads\Da Carlo Front Visit.zdl
2015-11-30 21:25 - 2015-11-30 21:25 - 01163776 _____ C:\Users\Daniel\Downloads\Da Carlo Back Visit.zdl
2015-11-29 20:16 - 2015-11-29 20:16 - 00457667 _____ C:\Users\Daniel\Downloads\maui.pdf
2015-11-26 16:19 - 2015-11-26 17:43 - 00000000 ____D C:\Users\Daniel\Desktop\Schwab Melli
2015-11-25 16:11 - 2015-11-25 16:11 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 16:00 - 2015-11-25 16:00 - 00273974 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 15:59 - 2015-11-25 15:59 - 00076125 _____ C:\Users\Daniel\Downloads\Kopie von Dienstplan_Änderung2 (1).xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-22 18:21 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-22 18:21 - 2015-02-13 17:03 - 00000000 ____D C:\ProgramData\TwonkyServer
2015-12-22 18:18 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-12-22 18:16 - 2014-08-16 20:56 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-22 18:16 - 2014-05-26 12:17 - 00000000 ____D C:\ProgramData\Adobe
2015-12-22 18:16 - 2014-05-05 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2015-12-22 18:15 - 2014-05-26 12:17 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-22 18:02 - 2014-06-07 19:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-22 18:00 - 2015-08-01 19:33 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-22 18:00 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-22 18:00 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-22 18:00 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-22 17:58 - 2014-11-03 18:22 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-22 17:54 - 2014-05-05 05:06 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 17:53 - 2015-08-01 19:20 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-12-22 17:53 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-22 17:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-22 17:53 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-22 17:53 - 2014-06-23 15:11 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-22 17:51 - 2014-05-13 20:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Notepad++
2015-12-22 17:45 - 2015-04-02 10:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent
2015-12-22 17:24 - 2014-05-05 05:06 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-22 15:45 - 2015-08-08 19:27 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{88EEB1D5-370C-4812-9418-EDF692A916C5}
2015-12-22 14:51 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-22 11:50 - 2015-08-01 19:21 - 00000000 ____D C:\Users\postgres
2015-12-22 11:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Registration
2015-12-22 11:27 - 2015-08-01 19:21 - 00000000 ____D C:\Users\Daniel
2015-12-22 11:09 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-22 11:07 - 2014-05-29 11:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-12-22 11:07 - 2014-05-13 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-22 02:00 - 2014-06-23 14:35 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-12-21 15:41 - 2015-08-16 17:58 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2015-12-21 11:06 - 2015-10-03 15:02 - 00010560 _____ C:\Users\Daniel\Desktop\Lego-Architecture.xlsx
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\ProgramData\AMD
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-21 10:27 - 2014-05-05 05:07 - 00000000 ____D C:\AMD
2015-12-21 10:25 - 2015-08-25 19:22 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-12-21 10:25 - 2015-08-25 19:22 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-12-21 10:25 - 2015-07-16 01:12 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01223544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-12-21 10:25 - 2015-07-16 00:17 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-12-21 10:25 - 2015-07-16 00:13 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-12-21 10:25 - 2015-07-16 00:12 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-12-20 10:37 - 2014-05-05 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2015-12-18 19:58 - 2015-09-19 10:01 - 00023600 _____ C:\Users\Daniel\Desktop\Kaufpreis Backnang.xlsx
2015-12-18 17:14 - 2015-07-10 17:44 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-18 10:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-12-17 18:52 - 2015-08-20 15:17 - 00002099 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-12-17 18:52 - 2014-07-10 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-12-17 18:52 - 2014-05-05 05:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-17 14:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-15 17:33 - 2015-08-15 18:33 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-15 13:24 - 2014-11-03 18:30 - 00000000 ____D C:\Users\Daniel\.VirtualBox
2015-12-15 13:11 - 2015-08-01 19:25 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-15 13:11 - 2015-06-26 22:05 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-12-15 13:11 - 2014-12-29 16:10 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-12-15 13:11 - 2014-10-20 18:02 - 00000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-12-15 13:11 - 2014-08-16 20:58 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-12-15 13:11 - 2014-08-16 20:57 - 00001527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-12-15 13:11 - 2014-08-16 17:13 - 00001750 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-12-15 13:11 - 2014-05-13 19:27 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-15 13:10 - 2015-08-26 18:40 - 00001218 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-12-15 13:10 - 2015-08-16 18:00 - 00002234 _____ C:\Users\Public\Desktop\StarMoney 9.0.lnk
2015-12-15 13:08 - 2015-08-01 20:21 - 00002425 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-15 13:08 - 2015-05-16 13:40 - 00002158 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\KÜCHEN QUELLE 3D.lnk
2015-12-15 13:08 - 2015-01-18 17:42 - 00001033 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-12-15 13:08 - 2015-01-08 18:29 - 00001822 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Coral Poker.lnk
2015-12-15 13:08 - 2014-12-16 14:46 - 00001830 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Winner Poker.lnk
2015-12-15 13:08 - 2014-08-21 15:45 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-12-15 13:08 - 2014-07-25 19:12 - 00001792 _____ C:\ProgramData\Microsoft\Windows\Start Menu\24hPoker.lnk
2015-12-15 13:08 - 2014-07-02 16:36 - 00001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-06-14 19:21 - 00001120 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-05-18 20:21 - 00000295 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2015-12-15 13:08 - 2014-05-17 11:36 - 00001079 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerRanger.lnk
2015-12-15 13:08 - 2014-05-05 15:46 - 00001188 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
2015-12-15 13:08 - 2014-05-05 15:24 - 00000811 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2015-12-15 13:07 - 2015-10-12 19:18 - 00002180 _____ C:\Users\Daniel\Desktop\AusweisApp2.lnk
2015-12-15 12:04 - 2015-08-01 20:18 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-15 11:12 - 2014-10-20 17:34 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-14 22:26 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-12-14 22:20 - 2015-09-06 12:11 - 00000000 ____D C:\WINDOWS\Panther
2015-12-14 22:15 - 2015-10-30 20:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-14 19:15 - 2015-07-10 13:20 - 04962496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-14 14:22 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Skype
2015-12-14 14:22 - 2014-05-05 05:07 - 00000000 ____D C:\ProgramData\Skype
2015-12-14 14:19 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-14 12:55 - 2015-07-10 12:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-14 12:50 - 2014-11-03 18:25 - 00000000 ____D C:\Program Files\Andy
2015-12-14 11:44 - 2014-05-05 14:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-14 11:44 - 2014-05-05 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-14 11:43 - 2013-08-22 14:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-12-14 11:41 - 2014-05-10 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-14 11:40 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-14 11:40 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-14 11:39 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-14 11:38 - 2014-05-07 16:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-14 11:32 - 2014-05-07 16:59 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-14 09:46 - 2014-05-05 05:05 - 00000000 ___RD C:\Users\Daniel\OneDrive
2015-12-12 19:44 - 2014-06-14 19:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\PokerStars.EU
2015-12-09 04:39 - 2014-05-07 18:25 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-06 11:19 - 2014-05-05 05:06 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 11:19 - 2014-05-05 05:06 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-06 11:04 - 2014-08-16 21:42 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-06 11:04 - 2014-05-05 14:37 - 00000000 ____D C:\Users\Daniel\AppData\Local\AMD
2015-12-01 01:32 - 2015-10-03 15:01 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-10-03 15:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-27 21:25 - 2014-11-27 21:25 - 0004676 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2015-05-16 13:40 - 2015-05-16 13:40 - 0370070 _____ () C:\Users\Daniel\AppData\Local\SquareClock.Production_Home_KQ_WebIcon.ico
2015-02-13 17:03 - 2015-02-13 17:03 - 0000011 _____ () C:\ProgramData\.tv7
2014-05-05 15:24 - 2014-05-05 15:24 - 0558105 _____ () C:\ProgramData\1399299703.bdinstall.bin
2015-01-05 15:23 - 2015-01-05 15:23 - 0259192 _____ () C:\ProgramData\1420467746.bdinstall.bin
2015-02-08 16:01 - 2015-02-08 16:01 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-08-01 19:19 - 2015-08-01 19:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-09 18:17 - 2014-08-09 18:17 - 0005044 _____ () C:\ProgramData\flwjycbm.bab

Einige Dateien in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\prog.exe
C:\Users\Daniel\AppData\Local\Temp\tmp6407.exe
C:\Users\Daniel\AppData\Local\Temp\tmpF8DA.exe
C:\Users\Daniel\AppData\Local\Temp\Uninstall.exe
C:\Users\Daniel\AppData\Local\Temp\upd.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-14 22:04

==================== Ende von FRST.txt ============================
         
--- --- ---


Addition.txt
FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Daniel (2015-12-22 18:22:32)
Gestartet von C:\Users\Daniel\Desktop
Windows 10 Pro (X64) (2015-08-01 19:18:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2676936528-1030403693-891089861-500 - Administrator - Disabled)
BitBox (S-1-5-21-2676936528-1030403693-891089861-1013 - Limited - Enabled)
Daniel (S-1-5-21-2676936528-1030403693-891089861-1001 - Administrator - Enabled) => C:\Users\Daniel
DefaultAccount (S-1-5-21-2676936528-1030403693-891089861-503 - Limited - Disabled)
Gast (S-1-5-21-2676936528-1030403693-891089861-501 - Limited - Disabled)
Gl0ba_000 (S-1-5-21-2676936528-1030403693-891089861-1007 - Administrator - Enabled) => C:\Users\Gl0ba_000
HomeGroupUser$ (S-1-5-21-2676936528-1030403693-891089861-1003 - Limited - Enabled)
postgres (S-1-5-21-2676936528-1030403693-891089861-1006 - Limited - Enabled) => C:\Users\postgres

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

24hPoker (HKLM-x32\...\24hPoker (Poker)) (Version: 16.6.2.11243 - )
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Advanced WarCraft3 Configurator (remove only) (HKLM-x32\...\AWC) (Version:  - )
ALNO AG  Küchenplaner (HKLM-x32\...\{A89131FD-3D18-4DA8-84C8-622423011B51}_is1) (Version: 14a - ALNO AG)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Andy OS (HKLM-x32\...\Andy OS) (Version: 0.43 - Andy OS, Inc)
AusweisApp2 (HKLM-x32\...\{1C785E05-CFC7-43BE-9A52-9FB39C180CB8}) (Version: 1.2.2 - Governikus GmbH & Co. KG)
BandwidthStat (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\BandwidthStat) (Version: 1.0 - BandwidthStat)
Betfair.com Poker (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Betfair.com Poker) (Version:  - )
Betfair.com Poker (HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\Betfair.com Poker) (Version:  - )
BlueStacks App Player (HKLM-x32\...\{1996E857-C787-4205-B4FF-73FDB117DCED}) (Version: 2.0.1.5621 - BlueStack Systems, Inc.)
Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.1.4-r150 - Sirrix AG)
Business Card Designer Plus 11 (HKLM-x32\...\BCDP11_is1) (Version:  - CAM Development)
Camtasia Studio 8 (HKLM-x32\...\{419CEBE1-36E9-4AB2-8586-D6213AE28621}) (Version: 8.4.0.1699 - TechSmith Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
Coral Poker (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Coral Poker) (Version:  - )
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.3) (Version: 5.0.1.3 - Coupons.com Incorporated)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery)
DesignPro 5 (x32 Version: 5.5.708 - Avery) Hidden
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.3.0 - devolo AG)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
EPSON SX410 Series Printer Uninstall (HKLM\...\EPSON SX410 Series) (Version:  - SEIKO EPSON Corporation)
etope Lister 2 (HKLM-x32\...\etope Lister_is1) (Version:  - Freshworx GmbH & Co.KG)
FileZilla Client 3.13.0 (HKLM-x32\...\FileZilla Client) (Version: 3.13.0 - Tim Kosse)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.18.3 - Androxyde)
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 5.22.10.WIN.FullTilt.EU - )
Genymotion version 2.4.0 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.4.0 - Genymobile)
GetFLV 9.6.2.9 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version:  - )
ICCup Launcher (HKLM-x32\...\ICCup Launcher_is1) (Version: 1.6 - ICCup)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170600}) (Version: 1.7.0.600 - Oracle)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\SquareClock_Production_Home_KQ_Web) (Version:  - 3DVIA SAS)
LINE (HKLM-x32\...\LINE) (Version: 4.1.2.525 - LINE Corporation)
MakeMKV v1.9.0 (HKLM-x32\...\MakeMKV) (Version: v1.9.0 - GuinpinSoft inc)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MouseRecorder v1.0.42 (HKLM-x32\...\MouseRecorder_is1) (Version: 1.0.42 - Bartels Media GmbH)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
Oracle VM VirtualBox 5.0.10_Sirrix (HKLM\...\{15DB0BEC-4D4B-4471-9E37-2FB454965C05}) (Version: 5.0.10 - Sirrix AG)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PokerRanger  (HKLM-x32\...\PokerRanger) (Version:  - Michael A. Voelkel)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version:  - )
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 beta r2211 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.9.201506301709 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarMoney (x32 Version: 4.0.8.25 - StarFinanz) Hidden
StarMoney 9.0  (HKLM-x32\...\{FCC4357A-A357-4909-B67D-4C713548A97F}) (Version: 9.0 - Star Finanz GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Twonky Server (HKLM-x32\...\TwonkyServer) (Version: 7.2.3.0 - PacketVideo)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version:  - Microsoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Winner Poker (HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\winnerpoker) (Version:  - )
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2676936528-1030403693-891089861-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

22-12-2015 18:14:35 Removed Adobe Reader XI (11.0.13) - Deutsch.

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-12-22 18:20 - 00001262 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1  192.150.14.69
127.0.0.1  192.150.18.101
127.0.0.1  192.150.18.108
127.0.0.1  192.150.22.4
127.0.0.1  192.150.22.40
127.0.0.1  192.150.8.100
127.0.0.1  192.150.8.118
127.0.0.1  192.168.112.207
127.0.0.1  192.168.112.2o7.net
127.0.0.1  194.224.66.48 
127.0.0.1  199.7.52.190
127.0.0.1  199.7.52.190:80
127.0.0.1  199.7.54.72
127.0.0.1  199.7.54.72:80
127.0.0.1  209.34.83.67
127.0.0.1  209.34.83.67:43
127.0.0.1  209.34.83.67:443
127.0.0.1  209.34.83.73
127.0.0.1  209.34.83.73:43
127.0.0.1  209.34.83.73:443

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0D4EE4C0-C7D6-4D3A-81E2-A19A5990EC0D} - System32\Tasks\SoftUpgrade => C:\Program Files (x86)\SoftUpgrade\softup.exe [2015-12-01] ()
Task: {10A445EC-5812-459B-AB19-3EDBC80EB37E} - System32\Tasks\{9049D845-5093-42F1-ABE4-823668FF2E6F} => pcalua.exe -a C:\Users\Daniel\Downloads\epson325480eu.exe -d C:\Users\Daniel\Downloads
Task: {19192A32-34DD-4A03-A38D-B888B0D8A4B5} - System32\Tasks\{04A1AFE4-B868-406E-980C-5285134DB7CD} => pcalua.exe -a "C:\Users\Daniel\Desktop\USB VCOM Driver\install_driver.exe" -d "C:\Users\Daniel\Desktop\USB VCOM Driver"
Task: {1A081C88-BE90-499C-A32A-2F72BBA8AE85} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-12] (Adobe Systems Incorporated)
Task: {25E7AED0-66D0-49C9-875F-3D90724BFD45} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {26C149ED-D3CD-4CC4-BF7A-B365D3930DC6} - \AutoKMS -> Keine Datei <==== ACHTUNG
Task: {29BCDCEF-5D03-45D0-954F-BA95F786AA3D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {2C34182D-826A-4049-B023-E33E6C57A78D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-14] (Microsoft Corporation)
Task: {30720E03-8606-45DC-935D-0C6DDE2C60B0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {31CB0D50-2B69-4633-8AC6-3BB1A9A369C0} - System32\Tasks\AdobeAAMUpdater-1.0-Globality-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {3E3A08A1-4A29-4FFB-AD24-2E2A7E937FFB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4ADC82BA-5D20-44A9-A007-49384C560CD7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5071EA31-FC77-4ACA-8EFC-E26A6A297D54} - \SmartWeb Upgrade Trigger Task -> Keine Datei <==== ACHTUNG
Task: {51830C57-7B39-4137-8081-94A14D0093E2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5DE863B4-E0C5-4E86-9F52-801FA2B6210D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {65D9614B-71AB-4FA3-9710-7CBA1509B463} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {6A60CB4C-7828-489A-8839-75C6BA3B4281} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {6C87DDAE-46B3-4972-A2C3-5DD8D40ED8BA} - System32\Tasks\Ahonaradra => C:\ProgramData\Ahonaradra\1.0.7.1\vlotifox.exe
Task: {6E5102ED-DE5B-444E-81FD-40CDD6DCD691} - \SwiftSearch Auto Updater 1.10.0.25 Core -> Keine Datei <==== ACHTUNG
Task: {80016EDB-E276-499C-B2E8-CE4CEDD252AE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {8349288D-1F49-4203-BBB2-AE5A3099B1A5} - System32\Tasks\spw3016 => C:\Program Files (x86)\QuickSearch\spw3016.exe [2015-12-01] () <==== ACHTUNG
Task: {913B0182-B33B-4682-B8E9-F4E0C9B0C022} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B0677499-1F3A-4830-A73C-686C8F60B2B6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B2C027EB-4715-4128-B2E2-153DB2C21BD2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B616205F-BEC7-43E0-9210-2459C73CE583} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {B7A31BED-B7FF-44A2-8968-F05FA6EAB4C6} - \SwiftSearch Auto Updater 1.10.0.25 Pending Update -> Keine Datei <==== ACHTUNG
Task: {E45D9012-778B-4B8C-ACDF-FA1D5D205CC7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {E6C20D06-5920-4CB4-96E0-906A774B8027} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E850C883-1B0B-4502-9D71-7351BB937B6D} - System32\Tasks\WOXRGHDNAFGIQKGK => C:\ProgramData\Service1104\Service1104.exe <==== ACHTUNG
Task: {F2DDDD76-1783-4D8E-9127-CF6A50B82B7E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WOXRGHDNAFGIQKGK.job => C:\ProgramData\Service1104\Service1104.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-01 20:12 - 2015-08-01 20:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-15 20:39 - 2015-07-15 20:39 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-08-19 08:53 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-05-23 14:57 - 2013-05-23 14:57 - 00885576 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
2013-05-23 14:58 - 2013-05-23 14:58 - 02204488 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
2015-10-01 02:38 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-01 21:15 - 2015-12-01 21:15 - 00058684 _____ () C:\Program Files (x86)\QuickSearch\spw3016.exe
2015-10-01 02:38 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-15 13:42 - 2015-08-15 13:42 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-10-01 02:38 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2014-07-10 16:29 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2013-12-23 08:07 - 2013-12-23 08:07 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2013-12-23 08:07 - 2013-12-23 08:07 - 00793784 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2013-12-23 08:04 - 2013-12-23 08:04 - 00025088 _____ () C:\Program Files\Rainmeter\Plugins\QuotePlugin.dll
2015-07-15 20:38 - 2015-07-15 20:38 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-12-12 19:59 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-12 19:58 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-12 19:59 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 02:38 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2010-12-23 11:06 - 2010-12-23 11:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll
2012-10-27 15:20 - 2012-10-27 15:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd
2012-10-27 15:21 - 2012-10-27 15:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd
2012-10-27 15:22 - 2012-10-27 15:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll
2012-10-27 15:23 - 2012-10-27 15:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd
2014-06-30 16:03 - 2014-06-30 16:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd
2014-06-30 16:04 - 2014-06-30 16:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd
2012-10-27 15:20 - 2012-10-27 15:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd
2015-12-15 11:33 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-08-16 17:59 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2014-05-05 05:11 - 2014-02-18 09:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2014-05-05 05:11 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2013-05-23 14:58 - 2013-05-23 14:58 - 00222024 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\wmdrmdll.dll
2015-12-22 17:54 - 2015-12-22 17:54 - 00013824 _____ () C:\WINDOWS\TEMP\nslC16D.tmp\UAC.dll
2015-12-22 17:54 - 2015-12-22 17:54 - 00011264 _____ () C:\WINDOWS\TEMP\nslC16D.tmp\System.dll
2015-12-22 17:54 - 2015-12-22 17:54 - 00006656 _____ () C:\WINDOWS\TEMP\nslC16D.tmp\nsExec.dll
2015-12-22 17:54 - 2015-12-22 17:54 - 00011264 _____ () C:\WINDOWS\TEMP\nsc452.tmp\System.dll
2014-07-10 16:29 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-07-10 16:29 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 13:54 - 2011-07-07 13:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-03-23 18:19 - 2015-03-23 18:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2014-07-10 16:29 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-06-24 16:46 - 2015-06-24 16:46 - 00801792 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2015-08-18 03:20 - 2015-08-18 03:20 - 03129368 _____ () C:\Program Files (x86)\Naver\LINE\ampkit_windows.dll
2015-07-03 06:44 - 2015-07-03 06:44 - 00123416 _____ () C:\Program Files (x86)\Naver\LINE\PlayerHelper.dll
2015-11-25 20:18 - 2015-11-25 20:18 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-12-10 17:55 - 2015-12-14 12:54 - 03287552 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
2015-08-15 13:42 - 2015-08-15 13:42 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-12-17 19:38 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 19:38 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-17 19:38 - 2015-12-11 04:54 - 16573256 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Daniel\Downloads\24hpoker.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\awc117_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\bcdp115_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\dotNetFx40_Full_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\dotNetFx45_Full_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Downloader_StarCraft_Combo_enGB (1).exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Downloader_StarCraft_Combo_enGB.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\driver_setup.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup Stub 29.0.1 (1).exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup Stub 29.0.1.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Rainmeter-3.1-r2211-beta.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Rainmeter-3.2-r2302-beta.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\TeamViewer_Setup_de.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\Tunngle_Setup_v4.5.1.4b.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\UnstopCpy_5_2_Win2K_UP_Setup.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\127.0.0.1 -> hxxp://127.0.0.1

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2676936528-1030403693-891089861-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{86B94AA2-1974-4259-8623-74A89B26E90A}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{71F2C407-7331-498A-8426-B24F465AF5A6}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [UDP Query User{9697C13A-ACF0-42FA-8DB3-DE00CB791229}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Block) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe
FirewallRules: [TCP Query User{9B4EAA87-D5D7-4BC5-BBC8-3A1F66080E5C}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Block) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe
FirewallRules: [{A319014D-7C7C-4E14-8393-C7EBD13B7853}] => (Block) C:\program files\graphisoft\archicad 18\archicad.exe
FirewallRules: [{5DCE1293-AA8A-404E-9998-9C7D4E9EB905}] => (Block) C:\program files\graphisoft\archicad 18\archicad.exe
FirewallRules: [UDP Query User{371F79D9-44DB-460C-AFD1-22AD1EC9F1BF}C:\program files\graphisoft\archicad 18\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 18\archicad.exe
FirewallRules: [TCP Query User{EE847DFA-BE7C-447E-B474-1FF81C73F2C9}C:\program files\graphisoft\archicad 18\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 18\archicad.exe
FirewallRules: [{C969DC84-6A5C-4189-A0B9-09DEF39A2E3B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{4FFC1C3F-C2AE-41A6-8185-96D1ACEC7286}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{651E66C8-FD77-4885-81EA-AC43378DD3BA}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{7B85E5A8-2D27-4A7F-BD7E-BC73BF4163E9}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{88DF49BF-3580-4919-97C1-E88AFF860949}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{926FC48E-ED8B-4C92-955B-296B61E925CE}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{1E8F8E48-947E-4D1F-9068-A487FE2A088B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{20323385-D02A-4647-B859-64512D6ED1F4}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{087A2D3F-6CA3-4E74-8498-EEDFF4CF783F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{60A11106-7FC4-457A-95C0-2C8D4199C1E9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E9E12CB3-9DE9-4FF7-89B2-09F9CEDF9BD0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{115CCC81-9BE7-4D9A-B145-080EF6C055B9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EF5F2587-BAAB-4B16-AF91-609239231B84}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{987743EB-BBBE-4F9F-93BA-D70A431B2D4D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2A267BE3-3D53-4E9C-848F-061DDC151FF9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{762FD712-99A1-403C-8D3E-67711B412F9A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{CF0A6A64-9D00-43CA-83E2-DC5C6649F833}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{8EE06146-EB7F-4182-812B-C3D9EC267CF1}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{F7128546-8018-486F-9004-ACB69A65E116}] => (Block) C:\program files\andy\andy.exe
FirewallRules: [{6F7ABD7C-F397-4D1A-8BE8-DC0515F2A5AE}] => (Block) C:\program files\andy\andy.exe
FirewallRules: [UDP Query User{A3A97F3F-9A93-4F57-A1B7-36940B9C2874}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [TCP Query User{045EB7DF-B275-49C5-BA6B-428D73C6739D}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [{7AFFC66C-03DA-437C-8AB2-48E419AFDCA6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{449501B3-39B2-4FB6-800B-6CD6DF00CF6C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90A1DF2C-EAC0-4B84-89A4-F662CA37FFDA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{869BF00F-C079-4E88-9776-1A1A602DBEAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{F141D448-2942-4F05-8703-8CF696BB6C17}C:\scbw\starcraft\starcraft.exe] => (Allow) C:\scbw\starcraft\starcraft.exe
FirewallRules: [TCP Query User{107F0B01-CB89-4B7F-B9E6-96BAF3571466}C:\scbw\starcraft\starcraft.exe] => (Allow) C:\scbw\starcraft\starcraft.exe
FirewallRules: [UDP Query User{AE6272D1-2450-4706-9C56-ABE0741995E6}C:\users\daniel\downloads\downloader_starcraft_combo_engb (1).exe] => (Allow) C:\users\daniel\downloads\downloader_starcraft_combo_engb (1).exe
FirewallRules: [TCP Query User{4BF3D7B6-2760-46E7-9F46-EAA1479759EA}C:\users\daniel\downloads\downloader_starcraft_combo_engb (1).exe] => (Allow) C:\users\daniel\downloads\downloader_starcraft_combo_engb (1).exe
FirewallRules: [{E6AC2223-4DF5-4F90-9EA9-491D258D5E83}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{33B49934-626B-4C3F-A78D-74BD348957E2}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{EA5CD453-3965-4133-86B6-0C000AF66A79}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{1C40D6DB-86B4-40F9-BC4F-105E6472D27B}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [UDP Query User{C1B01E16-EF99-4E1A-A864-6DAFAC4E5798}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5D1CAF32-8957-4158-B3BE-D51582AB2CDC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{DF33C812-2F04-4249-A019-39D66D66E102}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{99695F8E-713E-405B-ADA2-A7C1891ECECE}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{8E1AE219-EBA9-4EFD-8FFA-223411B4EBC3}] => (Allow) LPort=8317
FirewallRules: [{776219E5-631E-46EA-8176-420BCE2E3E57}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9B303E96-9E5E-4AF3-A676-55EAB07ADE03}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{15AFCDCC-5415-41DF-84A6-D7CEA5CE907D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{00FE9CCC-9E80-4932-B040-921CE05C4CD6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C6817A1E-5A06-4512-BCD0-3D5F4FE632AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1FFD8D93-168C-48E9-9FA7-DA75D40EEBD5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{DB5E0589-EB8B-4178-A438-CEBB55E965C5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0D070EA1-F417-4FCF-ADD5-C44F463377AC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F7BE67E2-C360-4C22-AA77-B34EFAA51D95}] => (Allow) LPort=5432
FirewallRules: [UDP Query User{FB63639D-4AE2-498F-A6C2-CC670BB39AFA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1D292F57-6542-46C2-81A4-6CFA258848F0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{472B1D19-BE19-4606-8C99-B557FEF56F58}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{0623A238-71BD-432F-B885-2E66DC4792F1}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{B217765B-9617-4A35-AC0A-A06D8094D9A9}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{F7D88F94-E186-4887-ADF7-F8DC73A7D534}] => (Allow) C:\Program Files (x86)\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.2.2\AusweisApp2.exe
FirewallRules: [{8F64E530-817E-484F-836C-3C21038E9BB3}] => (Allow) C:\Users\Daniel\AppData\Local\Temp\Andy_45.5_x64\Setup.exe
FirewallRules: [{05E027AC-CF5F-4CB0-AF52-C1AF6B5385FD}] => (Allow) C:\Users\Daniel\AppData\Local\Temp\Andy_45.5_x64\Setup.exe
FirewallRules: [{B469A0FF-D98A-4C1D-AC14-08D0015304E8}] => (Allow) C:\Program Files (x86)\MouseRecorder\MouseRecorder.exe
FirewallRules: [{709E234E-C596-4BB0-B5A4-DD9B879BD223}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{13CDA863-80DD-487B-B2A1-DB8BF68E62F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{08DB7FE4-AE52-4F82-9111-2AC13B3561F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CBCAC336-34FB-4FBD-B567-A0A04984BD0E}] => (Allow) %ProgramFiles% (x86)\Sirrix AG\BitBox\bin\BitBoxClient.exe
FirewallRules: [{7764F249-3B76-428C-9BB9-1A1A949F4AF4}] => (Allow) %ProgramFiles% (x86)\Sirrix AG\BitBox\bin\BitBoxClient.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/22/2015 06:14:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/22/2015 05:55:13 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (12/22/2015 05:55:13 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (12/22/2015 05:55:12 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (12/22/2015 05:55:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (12/22/2015 05:55:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (12/22/2015 05:55:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (12/22/2015 05:55:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (12/22/2015 05:52:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Globality)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/22/2015 05:52:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Globality)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (12/22/2015 05:57:28 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/22/2015 05:55:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 05:55:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 05:55:00 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 05:55:00 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 05:55:00 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 05:55:00 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 05:54:57 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 05:54:57 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/22/2015 05:54:55 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.


CodeIntegrity:
===================================
  Date: 2015-12-21 10:25:12.441
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 13:30:38.676
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 13:30:33.747
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 13:29:35.352
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-20 13:29:22.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 12:28:26.016
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 12:28:25.986
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-18 12:27:44.183
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-15 22:15:40.448
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-15 16:38:57.109
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A8-5600K APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 7630.72 MB
Verfügbarer physikalischer RAM: 4034.93 MB
Summe virtueller Speicher: 8846.72 MB
Verfügbarer virtueller Speicher: 4356.8 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.45 GB) (Free:3.33 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:72.9 GB) NTFS
Drive e: (Daniela&Daniel) (CDROM) (Total:0.2 GB) (Free:0 GB) UDF
Drive g: () (Fixed) (Total:465.76 GB) (Free:42.58 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: DD2BA3CD)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6BFA1C83)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7DECB287)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
--- --- ---


Alt 22.12.2015, 17:28   #6
Deathkid535
/// Malwareteam
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Hi,

Schritt # 1: AdwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt # 2: FRST

Bitte noch ein frisches FRST-Log.



Schritt # 3: Bitte Posten
  • Das Log von AdwCleaner
  • Das frische FRST-Log
__________________
--> Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam

Alt 22.12.2015, 17:49   #7
Global82
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



hier die Logs.

AdwCleaner[Ca].txt
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.026 - Bericht erstellt am 22/12/2015 um 18:43:18
# Aktualisiert am 21/12/2015 von Xplode
# Datenbank : 2015-12-21.3 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : Daniel - GLOBALITY
# Gestartet von : C:\Users\Daniel\Desktop\AdwCleaner_5.026.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : CouponPrinterService

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
[-] Ordner Gelöscht : C:\Program Files (x86)\Coupons
[-] Ordner Gelöscht : C:\Program Files (x86)\QuickSearch
[-] Ordner Gelöscht : C:\Program Files (x86)\03000200-1450173802-0500-0006-000700080009
[-] Ordner Gelöscht : C:\ProgramData\WPM
[-] Ordner Gelöscht : C:\ProgramData\19a87fa1ec024bbcbb41931263354405
[-] Ordner Gelöscht : C:\ProgramData\Service1104
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[-] Ordner Gelöscht : C:\Users\Daniel\AppData\Local\SmartWeb
[-] Ordner Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
[-] Ordner Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil
[-] Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Systweak
[-] Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\cpuminer
[-] Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\zcengine

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elicpjhcidhpjomhibiffojpinpmmpil_0.localstorage
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_elicpjhcidhpjomhibiffojpinpmmpil_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gngocbkfmikdgphklgmmehbjjlfgdemm_0.localstorage
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gngocbkfmikdgphklgmmehbjjlfgdemm_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.best-deals-products.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.superfish.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxps_www.best-deals-products.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxps_www.superfish.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.mystart.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.mystart.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Daniel\Favorites\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Daniel\Favorites\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Daniel\Favorites\Links\Startfenster.lnk
[-] Datei Gelöscht : C:\Users\Daniel\Favorites\Links\Startfenster.lnk
[-] Datei Gelöscht : C:\WINDOWS\Installer\58262.msi
[-] Datei Gelöscht : C:\WINDOWS\SysNative\roboot64.exe

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : spw3016
[-] Geplante Aufgabe Gelöscht : WOXRGHDNAFGIQKGK

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcwfp
[-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcengine
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9F2949D6-977B-4B61-B513-0C2EE52C2B4F}
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{34EBA76A-E745-4B18-96C9-2B8E2BA8B246}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3A8E009B-E66D-4016-87CF-EC57FA9A4BC1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4D4D0357-0376-4656-A040-65AC089E84A2}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D5AF218-5F7E-40E0-B49D-54FFAFE2001A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{89E46EA6-2F87-4D79-8FFA-8B264F93F54A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9ECCDEFC-1C26-4BB3-B6DF-252672D9FFFA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F1BC674D-15D8-46C5-AC51-12AB16D67616}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F811C371-1DC7-4E2F-8676-D96B85BE4AF1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3323765B-5B83-4406-841E-473DBA4B8F29}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{389562C4-59D9-40C4-966E-28DA91725FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F8D3B31-AEB8-4ED7-8B05-5556068D6B54}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6ED1EF08-DFF4-4252-8986-691D06C54131}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{83E07061-02D1-41EC-8751-BB176B823C38}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0948E7-227A-4F1B-9849-2D8912F185A7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A471A4AA-5C18-429F-81BF-6C760941DB74}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C0A7C2B3-86D6-42AF-8221-79C9E4AD50BA}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F2FB003D-07C7-4E4D-80E3-00B49468A6F4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F7971E81-FC71-4659-8CCE-C903576E0924}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{00E3D575-A24C-4BBC-A708-BCDB8BBCA6C7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{024BF4C8-B53D-45B9-957F-D3BA9655FF39}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{074DCA49-F6A1-417F-B79E-D5E3ADC30330}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{029AF757-A988-4BDD-A744-A4C7BCEBB011}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EB6628CF-0675-4DAE-95CE-EFFA23169743}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3323765B-5B83-4406-841E-473DBA4B8F29}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{389562C4-59D9-40C4-966E-28DA91725FFE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F8D3B31-AEB8-4ED7-8B05-5556068D6B54}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6ED1EF08-DFF4-4252-8986-691D06C54131}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{83E07061-02D1-41EC-8751-BB176B823C38}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9F0948E7-227A-4F1B-9849-2D8912F185A7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A471A4AA-5C18-429F-81BF-6C760941DB74}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C0A7C2B3-86D6-42AF-8221-79C9E4AD50BA}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F2FB003D-07C7-4E4D-80E3-00B49468A6F4}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F7971E81-FC71-4659-8CCE-C903576E0924}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{00E3D575-A24C-4BBC-A708-BCDB8BBCA6C7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{024BF4C8-B53D-45B9-957F-D3BA9655FF39}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{074DCA49-F6A1-417F-B79E-D5E3ADC30330}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Tutorials
[-] Schlüssel Gelöscht : HKCU\Software\DAILYPCCLEAN
[-] Schlüssel Gelöscht : HKCU\Software\tstamptoken
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Tinstalls
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Wpm
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\SVH
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\QuickSearch
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.1.3
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mystart.com
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\re-markit.co
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.re-markit00.re-markit.co
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\watch4.de
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.mystart.com
[-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.watch4.de
[-] Schlüssel Gelöscht : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mystart.com
[-] Schlüssel Gelöscht : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\re-markit.co
[-] Schlüssel Gelöscht : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.re-markit00.re-markit.co
[-] Schlüssel Gelöscht : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel Gelöscht : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.mystart.com
[-] Schlüssel Gelöscht : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.watch4.de

***** [ Internetbrowser ] *****

[-] [C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxps://www.mystart.com/?pr=systma&id=byd&v=1_0");
[-] [C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.fvd_single.__surfcanyon_disable_time", "1");
[-] [C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.fvd_single.seopack.b_surfcanyon", true);
[-] [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : sweet-page
[-] [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mystart.com
[-] [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mystart
[-] [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : trovi.search
[-] [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : elicpjhcidhpjomhibiffojpinpmmpil
[-] [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : lfmhcpmkbdkbgbmkjoiopeeegenkdikp

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15673 Bytes] ##########
         
--- --- ---


FRST.txt

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Daniel (Administrator) auf GLOBALITY (22-12-2015 18:46:01)
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel & postgres (Verfügbare Profile: Daniel & postgres & Gl0ba_000)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxClient.exe" start "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Internet Monitor) C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
() C:\Program Files\Rainmeter\Rainmeter.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883280 2015-12-10] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Line] => C:\Program Files (x86)\Naver\LINE\Line.exe [15664152 2015-08-18] (LINE Corporation)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [BandwidthStat] => C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe [569344 2015-12-15] (Internet Monitor)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2015-12-15]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-12-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-12-15]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c3d2b33a-5f1a-4bce-8c16-a5ea94bc6a72}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-24] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-24] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-09] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default
FF NewTab: about:newtab
FF DefaultSearchEngine: MyStart
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-12] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-10-02] (Coupons, Inc.)
FF Extension: Flash and Video Download - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-12]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\artur.dubovoy@gmail.com [2015-12-12]
FF Extension: FireFTP - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-12-12]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google*Übersetzer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (FTP Free) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdgcfaoankkonoiichmblcfijkomfbn [2014-09-27]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-16]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2015-01-16]
CHR Extension: (Codeanywhere) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndcfkjjcjfpmmhdedhnbkknbehiadgjg [2014-05-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2015-11-13] (Sirrix AG) [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432720 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412240 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854608 2015-12-10] (BlueStack Systems, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3645432 2014-07-18] (devolo AG)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [885576 2013-05-23] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-05-23] (PacketVideo)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-12-10] (BlueStack Systems)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-15] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-22] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194816 2015-11-11] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-22 18:45 - 2015-12-22 18:45 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-12-22 18:44 - 2015-12-22 18:44 - 00016148 _____ C:\WINDOWS\system32\GLOBALITY_Daniel_HistoryPrediction.bin
2015-12-22 18:36 - 2015-12-22 18:43 - 00000000 ____D C:\AdwCleaner
2015-12-22 18:32 - 2015-12-22 18:32 - 01743360 _____ C:\Users\Daniel\Desktop\AdwCleaner_5.026.exe
2015-12-22 18:22 - 2015-12-22 18:23 - 00050521 _____ C:\Users\Daniel\Desktop\Addition.txt
2015-12-22 18:21 - 2015-12-22 18:46 - 00019742 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-12-22 18:20 - 2015-12-22 18:00 - 00001283 ____N C:\WINDOWS\system32\Drivers\etc\hosts_bkup
2015-12-22 18:15 - 2015-12-22 18:15 - 06708416 _____ (Adobe System Incorporated.) C:\Users\Daniel\Downloads\AdobeCreativeCloudCleanerTool.exe
2015-12-22 12:01 - 2015-12-22 12:01 - 00007493 _____ C:\Users\Daniel\Desktop\Malwarebyte.txt
2015-12-22 11:49 - 2015-12-22 11:50 - 00000532 _____ C:\Users\Daniel\Desktop\Neues Textdokument.txt
2015-12-22 11:37 - 2015-12-22 18:45 - 00000000 ____D C:\FRST
2015-12-22 11:36 - 2015-12-22 11:37 - 02370560 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-12-21 14:28 - 2015-12-21 14:28 - 00514327 _____ C:\Users\Daniel\Desktop\20151221.pdf
2015-12-21 14:24 - 2015-12-21 14:24 - 00000000 ____D C:\ProgramData\ATI
2015-12-21 11:16 - 2015-12-21 11:16 - 00036520 _____ C:\Users\Daniel\Documents\arena.mrf
2015-12-21 10:28 - 2015-12-21 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-21 10:26 - 2015-12-21 10:27 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-12-21 10:25 - 2015-12-21 10:25 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 39720944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 30775792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08982432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00631792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00130064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00110320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00089584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-12-20 20:56 - 2015-12-20 20:56 - 00478062 _____ C:\Users\Daniel\Desktop\20151220.pdf
2015-12-20 17:19 - 2015-12-22 11:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 13:28 - 2015-12-21 14:29 - 00283623 _____ C:\Users\Daniel\Desktop\Dienstplan_TV_Cannstatt.xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-18 10:57 - 2015-12-18 11:03 - 606692048 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.chrome.Archive.exe
2015-12-18 10:41 - 2015-12-19 19:28 - 00000222 _____ C:\Users\Daniel\Desktop\nicht angreiffen.txt
2015-12-18 10:36 - 2015-12-18 10:36 - 00617444 _____ C:\Users\Daniel\Downloads\Browser-in-the-Box_Benutzerhandbuch.pdf
2015-12-16 15:10 - 2015-12-16 15:10 - 00025360 _____ C:\Users\Daniel\Documents\far-Flung Prairie.mrf
2015-12-15 21:23 - 2015-12-15 21:23 - 00034360 _____ C:\Users\Daniel\Documents\nightfall swamp.mrf
2015-12-15 18:10 - 2015-12-15 18:11 - 21852240 _____ C:\Users\Daniel\Downloads\Smoothies.rar
2015-12-15 17:33 - 2015-12-15 17:33 - 00280112 _____ C:\WINDOWS\Minidump\121515-9359-01.dmp
2015-12-15 15:47 - 2015-12-15 15:47 - 00006660 _____ C:\Users\Daniel\Downloads\Rechnung Nr. 15005998.pdf
2015-12-15 13:56 - 2015-12-15 13:56 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1) (1).pdf
2015-12-15 13:53 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1).pdf
2015-12-15 13:52 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung.pdf
2015-12-15 13:36 - 2015-12-15 13:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Sirrix AG
2015-12-15 13:35 - 2015-12-15 13:35 - 00211398 _____ C:\Users\Daniel\Desktop\kündigung strom.pdf
2015-12-15 13:26 - 2015-12-18 11:04 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-18 11:04 - 00001320 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-15 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\ProgramData\Sirrix AG
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2015-12-15 13:21 - 2015-12-15 13:21 - 00000000 ____D C:\Program Files\Oracle
2015-12-15 13:14 - 2015-12-15 13:19 - 565717248 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.firefox.Archive.exe
2015-12-15 13:12 - 2015-12-17 19:43 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-15 13:11 - 2015-12-15 13:11 - 00927824 _____ (Google Inc.) C:\Users\Daniel\Downloads\ChromeSetup (1).exe
2015-12-15 12:47 - 2015-12-15 12:47 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form (1).pdf
2015-12-15 12:44 - 2015-12-15 12:45 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form.pdf
2015-12-15 12:28 - 2015-12-15 12:36 - 24149323 _____ C:\Users\Daniel\Downloads\Malwarebytes Anti-Malware Premium 2.2.0.1024.rar
2015-12-15 12:21 - 2015-12-22 18:45 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-15 12:20 - 2015-12-15 13:10 - 00001165 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-15 12:17 - 2015-12-15 12:18 - 22908888 _____ (Malwarebytes ) C:\Users\Daniel\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-15 12:09 - 2015-12-15 12:09 - 00003530 _____ C:\WINDOWS\System32\Tasks\Ahonaradra
2015-12-15 12:01 - 2015-12-15 12:01 - 00003774 _____ C:\WINDOWS\System32\Tasks\SoftUpgrade
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Program Files (x86)\SoftUpgrade
2015-12-15 11:57 - 2015-12-15 11:57 - 00275717 _____ C:\Users\Daniel\Documents\151210 Rechnung_Lingel.pdf
2015-12-15 11:35 - 2015-12-15 11:35 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-12-15 11:34 - 2015-12-15 11:34 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2015-12-15 11:34 - 2015-12-15 11:34 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2015-12-15 11:34 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-12-15 11:34 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-12-15 11:33 - 2015-12-22 11:52 - 00000000 ____D C:\ProgramData\ProductData
2015-12-15 11:33 - 2015-12-15 11:41 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\IObit
2015-12-15 11:33 - 2015-12-15 11:40 - 00000000 ____D C:\ProgramData\IObit
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ProductData
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\IObit
2015-12-15 11:32 - 2015-12-15 11:41 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-15 11:32 - 2015-12-15 11:32 - 30003568 _____ (IObit ) C:\Users\Daniel\Downloads\IObit-Malware-Fighter-Setup3409.exe
2015-12-15 11:16 - 2015-12-15 11:16 - 17529025 _____ C:\Users\Daniel\Documents\151210 Rechnung Lingel.pdf
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Opera Software
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\Opera Software
2015-12-15 11:04 - 2015-12-15 11:05 - 17231872 _____ C:\Users\Daniel\Downloads\epson374980eu.exe
2015-12-15 11:03 - 2015-12-15 11:02 - 00004182 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-12-15 11:02 - 2015-12-22 18:43 - 00000008 __RSH C:\Users\Daniel\ntuser.pol
2015-12-15 11:02 - 2015-12-22 18:43 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-15 11:01 - 2015-12-15 11:01 - 00003294 _____ C:\WINDOWS\System32\Tasks\{9049D845-5093-42F1-ABE4-823668FF2E6F}
2015-12-15 10:59 - 2015-12-15 10:59 - 12793856 _____ C:\Users\Daniel\Downloads\epson325480eu.exe
2015-12-15 10:57 - 2015-12-15 10:57 - 25198592 _____ C:\Users\Daniel\Downloads\epson324666eu.dmg
2015-12-14 20:52 - 2015-12-14 20:52 - 00030000 _____ C:\Users\Daniel\Documents\13.mrf
2015-12-14 14:28 - 2015-12-14 14:32 - 00027280 _____ C:\Users\Daniel\Documents\sunshine beach.mrf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116.pdf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116 (1).pdf
2015-12-14 14:22 - 2015-12-14 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-14 14:22 - 2015-12-14 14:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-14 14:11 - 2015-12-14 14:15 - 11692510 _____ C:\Users\Daniel\Downloads\GLGzFAmSSuC(zA.rar
2015-12-14 14:05 - 2015-12-14 14:15 - 32280461 _____ C:\Users\Daniel\Downloads\Nicht bestätigt 522240.crdownload
2015-12-14 13:48 - 2015-12-14 13:48 - 00030280 _____ C:\Users\Daniel\Documents\Climbing Olympus.mrf
2015-12-14 13:20 - 2015-12-15 16:21 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\Program Files (x86)\MouseRecorder
2015-12-14 13:19 - 2015-12-14 13:21 - 02467080 _____ (Bartels Media GmbH ) C:\Users\Daniel\Downloads\MouseRecorderSetup1042.exe
2015-12-14 13:17 - 2015-12-14 13:17 - 02331531 _____ C:\Users\Daniel\Downloads\MRP276Setup.zip
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\Documents\My Recorded Scripts
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder Pro
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\Nemex
2015-12-14 13:09 - 2015-12-14 13:09 - 02332069 _____ C:\Users\Daniel\Downloads\mrp275setup.zip
2015-12-14 13:01 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup (1).exe
2015-12-14 12:55 - 2015-12-15 13:10 - 00001682 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-15 13:08 - 00001742 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup.exe
2015-12-14 12:55 - 2015-12-14 12:55 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2015-12-14 12:54 - 2015-12-14 12:54 - 00000000 ____D C:\Users\Daniel\AppData\Local\fabi.me
2015-12-14 12:53 - 2015-12-14 12:55 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:54 - 00000000 ____D C:\ProgramData\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:53 - 00094899 _____ C:\Users\Daniel\Downloads\SpeedAutoClicker.zip
2015-12-14 12:46 - 2015-12-14 12:47 - 308301520 _____ (BlueStack Systems Inc.) C:\Users\Daniel\Downloads\BlueStacks2-Installer_native.exe
2015-12-12 19:59 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-12 19:59 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-12 19:59 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-12 19:59 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-12 19:59 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-12 19:59 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-12 19:59 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-12 19:59 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-12 19:59 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-12 19:59 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-12 19:59 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-12 19:59 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-12 19:59 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-12 19:58 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-12 19:58 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-12 19:58 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-12 19:58 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-12 19:58 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-12 19:58 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-12 19:58 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-12 19:58 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-12 19:58 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-12 19:58 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-12 19:58 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-12 19:58 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-12 19:58 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-12 19:58 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1.zip
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1 (1).zip
2015-12-06 18:49 - 2015-12-06 18:49 - 04397665 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab (1).zip
2015-12-06 18:48 - 2015-12-06 18:48 - 01142560 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab.zip
2015-12-06 18:19 - 2015-12-06 18:19 - 03984004 _____ C:\Users\Daniel\Downloads\Bewerbung_Erzieherin_Daniele_Maier.pdf
2015-12-06 18:06 - 2015-12-06 18:06 - 00291489 _____ C:\Users\Daniel\Downloads\20151127131614271.pdf
2015-12-06 17:50 - 2015-12-06 17:50 - 00109513 _____ C:\Users\Daniel\Desktop\Anmeldung.pdf
2015-12-03 18:29 - 2015-12-03 18:29 - 00169351 _____ C:\Users\Daniel\Downloads\WAZ.pdf
2015-11-30 21:32 - 2015-11-30 21:32 - 00064681 _____ C:\Users\Daniel\Downloads\Rückseite.pdf
2015-11-30 21:31 - 2015-11-30 21:31 - 00064681 _____ C:\Users\Daniel\Desktop\Rückseite.pdf
2015-11-30 21:29 - 2015-11-30 21:29 - 00032176 _____ C:\Users\Daniel\Desktop\Vorderseite.pdf
2015-11-30 21:25 - 2015-11-30 21:25 - 04889088 _____ C:\Users\Daniel\Downloads\Da Carlo Front Visit.zdl
2015-11-30 21:25 - 2015-11-30 21:25 - 01163776 _____ C:\Users\Daniel\Downloads\Da Carlo Back Visit.zdl
2015-11-29 20:16 - 2015-11-29 20:16 - 00457667 _____ C:\Users\Daniel\Downloads\maui.pdf
2015-11-26 16:19 - 2015-11-26 17:43 - 00000000 ____D C:\Users\Daniel\Desktop\Schwab Melli
2015-11-25 16:11 - 2015-11-25 16:11 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 16:00 - 2015-11-25 16:00 - 00273974 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 15:59 - 2015-11-25 15:59 - 00076125 _____ C:\Users\Daniel\Downloads\Kopie von Dienstplan_Änderung2 (1).xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-22 18:45 - 2015-02-13 17:03 - 00000000 ____D C:\ProgramData\TwonkyServer
2015-12-22 18:45 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-12-22 18:45 - 2014-05-05 05:06 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 18:44 - 2015-08-01 19:20 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-12-22 18:44 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-22 18:44 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-22 18:44 - 2014-06-23 15:11 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-22 18:43 - 2015-08-01 19:21 - 00000000 ____D C:\Users\Daniel
2015-12-22 18:24 - 2014-05-05 05:06 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-22 18:22 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-22 18:16 - 2014-08-16 20:56 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-22 18:16 - 2014-05-26 12:17 - 00000000 ____D C:\ProgramData\Adobe
2015-12-22 18:16 - 2014-05-05 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2015-12-22 18:15 - 2014-05-26 12:17 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-22 18:02 - 2014-06-07 19:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-22 18:00 - 2015-08-01 19:33 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-22 18:00 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-22 18:00 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-22 18:00 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-22 17:58 - 2014-11-03 18:22 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-22 17:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-22 17:51 - 2014-05-13 20:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Notepad++
2015-12-22 17:45 - 2015-04-02 10:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent
2015-12-22 15:45 - 2015-08-08 19:27 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{88EEB1D5-370C-4812-9418-EDF692A916C5}
2015-12-22 14:51 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-22 11:50 - 2015-08-01 19:21 - 00000000 ____D C:\Users\postgres
2015-12-22 11:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Registration
2015-12-22 11:09 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-22 11:07 - 2014-05-29 11:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-12-22 11:07 - 2014-05-13 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-22 02:00 - 2014-06-23 14:35 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-12-21 15:41 - 2015-08-16 17:58 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2015-12-21 11:06 - 2015-10-03 15:02 - 00010560 _____ C:\Users\Daniel\Desktop\Lego-Architecture.xlsx
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\ProgramData\AMD
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-21 10:27 - 2014-05-05 05:07 - 00000000 ____D C:\AMD
2015-12-21 10:25 - 2015-08-25 19:22 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-12-21 10:25 - 2015-08-25 19:22 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-12-21 10:25 - 2015-07-16 01:12 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01223544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-12-21 10:25 - 2015-07-16 00:17 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-12-21 10:25 - 2015-07-16 00:13 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-12-21 10:25 - 2015-07-16 00:12 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-12-20 10:37 - 2014-05-05 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2015-12-18 19:58 - 2015-09-19 10:01 - 00023600 _____ C:\Users\Daniel\Desktop\Kaufpreis Backnang.xlsx
2015-12-18 17:14 - 2015-07-10 17:44 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-17 18:52 - 2015-08-20 15:17 - 00002099 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-12-17 18:52 - 2014-07-10 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-12-17 18:52 - 2014-05-05 05:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-17 14:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-15 17:33 - 2015-08-15 18:33 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-15 13:24 - 2014-11-03 18:30 - 00000000 ____D C:\Users\Daniel\.VirtualBox
2015-12-15 13:11 - 2015-08-01 19:25 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-15 13:11 - 2015-06-26 22:05 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-12-15 13:11 - 2014-12-29 16:10 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-12-15 13:11 - 2014-10-20 18:02 - 00000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-12-15 13:11 - 2014-08-16 20:58 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-12-15 13:11 - 2014-08-16 20:57 - 00001527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-12-15 13:11 - 2014-08-16 17:13 - 00001750 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-12-15 13:11 - 2014-05-13 19:27 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-15 13:10 - 2015-08-26 18:40 - 00001218 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-12-15 13:10 - 2015-08-16 18:00 - 00002234 _____ C:\Users\Public\Desktop\StarMoney 9.0.lnk
2015-12-15 13:08 - 2015-08-01 20:21 - 00002425 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-15 13:08 - 2015-05-16 13:40 - 00002158 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\KÜCHEN QUELLE 3D.lnk
2015-12-15 13:08 - 2015-01-18 17:42 - 00001033 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-12-15 13:08 - 2015-01-08 18:29 - 00001822 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Coral Poker.lnk
2015-12-15 13:08 - 2014-12-16 14:46 - 00001830 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Winner Poker.lnk
2015-12-15 13:08 - 2014-08-21 15:45 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-12-15 13:08 - 2014-07-25 19:12 - 00001792 _____ C:\ProgramData\Microsoft\Windows\Start Menu\24hPoker.lnk
2015-12-15 13:08 - 2014-07-02 16:36 - 00001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-06-14 19:21 - 00001120 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-05-18 20:21 - 00000295 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2015-12-15 13:08 - 2014-05-17 11:36 - 00001079 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerRanger.lnk
2015-12-15 13:08 - 2014-05-05 15:24 - 00000811 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2015-12-15 13:07 - 2015-10-12 19:18 - 00002180 _____ C:\Users\Daniel\Desktop\AusweisApp2.lnk
2015-12-15 12:04 - 2015-08-01 20:18 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-15 11:12 - 2014-10-20 17:34 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-14 22:26 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-12-14 22:20 - 2015-09-06 12:11 - 00000000 ____D C:\WINDOWS\Panther
2015-12-14 22:15 - 2015-10-30 20:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-14 19:15 - 2015-07-10 13:20 - 04962496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-14 14:22 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Skype
2015-12-14 14:22 - 2014-05-05 05:07 - 00000000 ____D C:\ProgramData\Skype
2015-12-14 14:19 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-14 12:55 - 2015-07-10 12:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-14 12:50 - 2014-11-03 18:25 - 00000000 ____D C:\Program Files\Andy
2015-12-14 11:44 - 2014-05-05 14:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-14 11:44 - 2014-05-05 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-14 11:43 - 2013-08-22 14:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-12-14 11:41 - 2014-05-10 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-14 11:40 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-14 11:40 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-14 11:39 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-14 11:38 - 2014-05-07 16:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-14 11:32 - 2014-05-07 16:59 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-14 09:46 - 2014-05-05 05:05 - 00000000 ___RD C:\Users\Daniel\OneDrive
2015-12-12 19:44 - 2014-06-14 19:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\PokerStars.EU
2015-12-09 04:39 - 2014-05-07 18:25 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-06 11:19 - 2014-05-05 05:06 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 11:19 - 2014-05-05 05:06 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-06 11:04 - 2014-08-16 21:42 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-06 11:04 - 2014-05-05 14:37 - 00000000 ____D C:\Users\Daniel\AppData\Local\AMD
2015-12-01 01:32 - 2015-10-03 15:01 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-10-03 15:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-27 21:25 - 2014-11-27 21:25 - 0004676 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2015-05-16 13:40 - 2015-05-16 13:40 - 0370070 _____ () C:\Users\Daniel\AppData\Local\SquareClock.Production_Home_KQ_WebIcon.ico
2015-02-13 17:03 - 2015-02-13 17:03 - 0000011 _____ () C:\ProgramData\.tv7
2014-05-05 15:24 - 2014-05-05 15:24 - 0558105 _____ () C:\ProgramData\1399299703.bdinstall.bin
2015-01-05 15:23 - 2015-01-05 15:23 - 0259192 _____ () C:\ProgramData\1420467746.bdinstall.bin
2015-02-08 16:01 - 2015-02-08 16:01 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-08-01 19:19 - 2015-08-01 19:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-09 18:17 - 2014-08-09 18:17 - 0005044 _____ () C:\ProgramData\flwjycbm.bab

Einige Dateien in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\prog.exe
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll
C:\Users\Daniel\AppData\Local\Temp\tmp6407.exe
C:\Users\Daniel\AppData\Local\Temp\tmpF8DA.exe
C:\Users\Daniel\AppData\Local\Temp\Uninstall.exe
C:\Users\Daniel\AppData\Local\Temp\upd.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-14 22:04

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 22.12.2015, 18:16   #8
Deathkid535
/// Malwareteam
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Hi,

Schritt # 1: FRST Fix

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
FF DefaultSearchEngine: MyStart
C:\WINDOWS\system32\Drivers\etc\hosts_bkup
Hosts:
EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt # 2: ESET


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt # 3: FRST

Und noch ein frisches FRST-Log bitte.



Schritt # 3: Frage

Noch Probleme?



Schritt # 5: Bitte Posten
  • Das Fixlog von FRST
  • Das Log von ESET
  • Das frische FRST-Log
  • Rückmeldung auf meine Frage

Alt 23.12.2015, 12:38   #9
Global82
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Mahlzeit Dennis,

zuerst einmal vielen Dank. Der Rechner ist wieder schnell ..
anbei die Logs, danach folgen die "weiteren Probleme"

FixLog.txt
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Daniel (2015-12-22 19:23:33) Run:1
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel & postgres (Verfügbare Profile: Daniel & postgres & Gl0ba_000)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
FF DefaultSearchEngine: MyStart
C:\WINDOWS\system32\Drivers\etc\hosts_bkup
Hosts:
EmptyTemp:
         
*****************

"HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
Firefox DefaultSearchEngine erfolgreich entfernt
C:\WINDOWS\system32\Drivers\etc\hosts_bkup => erfolgreich verschoben
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.
EmptyTemp: => 2.5 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:25:02 ====
         
Log.txt
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eb7ff69065a4c243aaf5381b93264e08
# end=init
# utc_time=2015-12-22 06:29:53
# local_time=2015-12-22 07:29:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27318
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eb7ff69065a4c243aaf5381b93264e08
# end=updated
# utc_time=2015-12-22 06:31:34
# local_time=2015-12-22 07:31:34 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eb7ff69065a4c243aaf5381b93264e08
# end=init
# utc_time=2015-12-23 06:41:20
# local_time=2015-12-23 07:41:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27327
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=eb7ff69065a4c243aaf5381b93264e08
# end=updated
# utc_time=2015-12-23 06:41:49
# local_time=2015-12-23 07:41:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=eb7ff69065a4c243aaf5381b93264e08
# engine=27327
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-23 10:19:51
# local_time=2015-12-23 11:19:51 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 65640 14340003 0 0
# scanned=753786
# found=31
# cleaned=0
# scan_time=13082
sh=8B2D47430C9FD3F74947798E27795D62B6E6A2D2 ft=1 fh=7c25938210c7dad1 vn="Variante von Win32/Adware.ConvertAd.AEL Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\03000200-1450173802-0500-0006-000700080009\rnse2F2B.exe.vir"
sh=099B373E85EBF932283A50E8C646308D062A74ED ft=1 fh=69a5a546e2ddf66b vn="Win32/Adware.ConvertAd.AEP Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\03000200-1450173802-0500-0006-000700080009\Uninstall.exe.vir"
sh=8D92C8072C6A4C670D953D74FD7456C16D3DC3F6 ft=1 fh=8ee61ef52a422d8a vn="Variante von Win32/Adware.Coupons.AA Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Coupons\uninstall.exe.vir"
sh=96C0C8FA2B59DEF911E3C5E4845955478BBC9C50 ft=1 fh=70b69c28e7f6585c vn="Variante von Win32/Packed.Komodia.E verdächtige Datei" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\AZDLL.dll.vir"
sh=9AADD3E826818FB0C9C5CCBA6D82AD31DBAF3720 ft=1 fh=a26ce6deec6c8691 vn="Variante von Win64/Packed.Komodia.F verdächtige Datei" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\AZDLL64.dll.vir"
sh=E7F3436241D282B508DC11A6AB86CD5A5D8AC2C3 ft=1 fh=31c116d8fb6527c0 vn="Variante von Win64/Packed.Komodia.D verdächtige Datei" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\AZDLL64.exe.vir"
sh=0CEDF45C3F5B1E824B405D43EA9732D6D4886F18 ft=1 fh=72a04e2614ea61e4 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\setupfa_1123.exe.vir"
sh=91A7ED671D6E759290CCB3FD935C9C92BE8E144C ft=1 fh=c933aebbd376884b vn="Variante von Win32/Packed.Komodia.E verdächtige Datei" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zcenginecert.dll.vir"
sh=0113E5BFA2456495AA6C62475BDBB200AAC3F65A ft=1 fh=4f5468d640ecf4f1 vn="Variante von Win64/Packed.Komodia.D verdächtige Datei" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\QuickSearch\zengine64.exe.vir"
sh=16E2E4E68F197DF16CBB4A3C15337F000573B115 ft=0 fh=0000000000000000 vn="Variante von Android/Exploit.Lotoor.EW Trojaner" ac=I fn="C:\Flashtool\custom\root\run_root_shell\run_root_shell"
sh=74FACDDF0E4BDB1BDDD53B66488B29C568EF836A ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.EP Trojaner" ac=I fn="C:\MtkDroidTools\files\pwn"
sh=3E219BC7B689208301845C582162208DDBD1A3B7 ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.DH Trojaner" ac=I fn="C:\MtkDroidTools\files\zR"
sh=74FACDDF0E4BDB1BDDD53B66488B29C568EF836A ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.EP Trojaner" ac=I fn="C:\Poker\files\pwn"
sh=3E219BC7B689208301845C582162208DDBD1A3B7 ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.DH Trojaner" ac=I fn="C:\Poker\files\zR"
sh=74FACDDF0E4BDB1BDDD53B66488B29C568EF836A ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.EP Trojaner" ac=I fn="C:\Poker\MtkDroidTools\files\pwn"
sh=3E219BC7B689208301845C582162208DDBD1A3B7 ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.DH Trojaner" ac=I fn="C:\Poker\MtkDroidTools\files\zR"
sh=98BB61409B2A3729A81A418627847CA34750CDA1 ft=1 fh=c4a70072425fc364 vn="Variante von Win32/Adware.Coupons.AA Anwendung" ac=I fn="C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll"
sh=98BB61409B2A3729A81A418627847CA34750CDA1 ft=1 fh=c4a70072425fc364 vn="Variante von Win32/Adware.Coupons.AA Anwendung" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll"
sh=52DF752F17C4ADDD949469C5142041A96E5B5BE3 ft=0 fh=0000000000000000 vn="Variante von Android/Exploit.Lotoor.EW Trojaner" ac=I fn="C:\rooten\files\run_root_shell"
sh=2702A910AE0CE7F23568FB678D73A5FE91E159D2 ft=1 fh=3c9335911940df13 vn="Win32/Somoto.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000"
sh=C80717236B7C20671EAE67C1D622AB8053C595EE ft=1 fh=88d434eed201afcf vn="Win32/Somoto.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000001"
sh=74FACDDF0E4BDB1BDDD53B66488B29C568EF836A ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.EP Trojaner" ac=I fn="C:\Users\Daniel\AppData\Local\Skype\MtkDroidTools\files\pwn"
sh=CF5D65078EBC5E303843D37C1B49A4842CCAA6F8 ft=1 fh=88e77bea98981ff2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\ALNO_KPLSetup14a - CHIP-Installer.exe"
sh=297CC52598F94D3E4B110EB5267696842DDEF30A ft=1 fh=0dc4742c19b0f665 vn="Variante von Win32/Adware.Coupons.AA Anwendung" ac=I fn="C:\Users\Daniel\Downloads\CouponPrinter.exe"
sh=BE50478C5560ADEC236C14984D885E2221970E7B ft=0 fh=0000000000000000 vn="Variante von Android/Exploit.Lotoor.EW Trojaner" ac=I fn="C:\Users\Daniel\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v19a_perf-event-exploit.zip"
sh=EE72A87BCF456F46BD376EF2060159DC38F90093 ft=1 fh=fd655e07d8cf3557 vn="Variante von Win32/InstallCore.ADX.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\ipadian.exe"
sh=C63E2FCF9DC6AB0EAAA67FA307C60FCC97E88CDA ft=1 fh=0c44a5bf20b49c22 vn="Variante von Win32/OutBrowse.CB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Daniel\Downloads\setup.exe"
sh=7409EB1DEB8CFD42D98587492C38BEB47E805B68 ft=0 fh=0000000000000000 vn="Variante von Android/Exploit.Towel.A Trojaner" ac=I fn="C:\Users\Daniel\Downloads\tr.apk"
sh=9E48452F0BEB077875ECD5E625D888D9DBCB1B6E ft=1 fh=efa5a4c56e1322a3 vn="Variante von Win32/Adware.Coupons.AA Anwendung" ac=I fn="C:\Windows\CouponPrinter.ocx"
sh=AA0CDB3E32CF279719D0325A92B04214C48A447C ft=0 fh=0000000000000000 vn="LNK/Agent.CH Trojaner" ac=I fn="D:\sicherung\Dale Carnegie - Besser miteinander reden\Kostenloser Usenet Zugang.url"
sh=4E4B2F16C43FCFBFE3210DEBC006E0B45C6DE9DA ft=1 fh=ad40834f0d83a4c3 vn="Variante von Win32/Bundlore.B evtl. unerwünschte Anwendung" ac=I fn="D:\unsortiert\setup.exe"
         
FRST.txt

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Daniel (Administrator) auf GLOBALITY (23-12-2015 13:29:12)
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel & postgres (Verfügbare Profile: Daniel & postgres & Gl0ba_000)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxClient.exe" start "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe
(Internet Monitor) C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883280 2015-12-10] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Line] => C:\Program Files (x86)\Naver\LINE\Line.exe [15664152 2015-08-18] (LINE Corporation)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [BandwidthStat] => C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe [569344 2015-12-15] (Internet Monitor)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2015-12-15]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-12-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-12-15]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c3d2b33a-5f1a-4bce-8c16-a5ea94bc6a72}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-24] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-24] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-09] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default
FF NewTab: about:newtab
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-12] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-10-02] (Coupons, Inc.)
FF Extension: Flash and Video Download - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-12]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\artur.dubovoy@gmail.com [2015-12-12]
FF Extension: FireFTP - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-12-12]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google*Übersetzer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (FTP Free) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdgcfaoankkonoiichmblcfijkomfbn [2014-09-27]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-12-22]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-16]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2015-01-16]
CHR Extension: (Codeanywhere) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndcfkjjcjfpmmhdedhnbkknbehiadgjg [2014-05-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2015-11-13] (Sirrix AG) [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432720 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412240 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854608 2015-12-10] (BlueStack Systems, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3645432 2014-07-18] (devolo AG)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [885576 2013-05-23] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-05-23] (PacketVideo)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-12-10] (BlueStack Systems)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-15] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194816 2015-11-11] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-23 13:24 - 2015-12-23 13:24 - 00016148 _____ C:\WINDOWS\system32\GLOBALITY_Daniel_HistoryPrediction.bin
2015-12-23 07:39 - 2015-12-23 07:39 - 00280168 _____ C:\WINDOWS\Minidump\122315-10015-01.dmp
2015-12-22 19:29 - 2015-12-22 19:29 - 02870984 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2015-12-22 19:23 - 2015-12-22 19:25 - 00001115 _____ C:\Users\Daniel\Desktop\Fixlog.txt
2015-12-22 18:45 - 2015-12-23 07:41 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-12-22 18:36 - 2015-12-22 18:43 - 00000000 ____D C:\AdwCleaner
2015-12-22 18:32 - 2015-12-22 18:32 - 01743360 _____ C:\Users\Daniel\Desktop\AdwCleaner_5.026.exe
2015-12-22 18:22 - 2015-12-22 18:23 - 00050521 _____ C:\Users\Daniel\Desktop\Addition.txt
2015-12-22 18:21 - 2015-12-23 13:29 - 00019946 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-12-22 18:15 - 2015-12-22 18:15 - 06708416 _____ (Adobe System Incorporated.) C:\Users\Daniel\Downloads\AdobeCreativeCloudCleanerTool.exe
2015-12-22 12:01 - 2015-12-22 12:01 - 00007493 _____ C:\Users\Daniel\Desktop\Malwarebyte.txt
2015-12-22 11:49 - 2015-12-22 11:50 - 00000532 _____ C:\Users\Daniel\Desktop\Neues Textdokument.txt
2015-12-22 11:37 - 2015-12-23 13:29 - 00000000 ____D C:\FRST
2015-12-22 11:36 - 2015-12-22 11:37 - 02370560 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-12-21 14:28 - 2015-12-21 14:28 - 00514327 _____ C:\Users\Daniel\Desktop\20151221.pdf
2015-12-21 14:24 - 2015-12-21 14:24 - 00000000 ____D C:\ProgramData\ATI
2015-12-21 11:16 - 2015-12-21 11:16 - 00036520 _____ C:\Users\Daniel\Documents\arena.mrf
2015-12-21 10:28 - 2015-12-21 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-21 10:26 - 2015-12-21 10:27 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-12-21 10:25 - 2015-12-21 10:25 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 39720944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 30775792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08982432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00631792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00130064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00110320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00089584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-12-20 20:56 - 2015-12-20 20:56 - 00478062 _____ C:\Users\Daniel\Desktop\20151220.pdf
2015-12-20 17:19 - 2015-12-22 11:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 13:28 - 2015-12-21 14:29 - 00283623 _____ C:\Users\Daniel\Desktop\Dienstplan_TV_Cannstatt.xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-18 10:57 - 2015-12-18 11:03 - 606692048 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.chrome.Archive.exe
2015-12-18 10:41 - 2015-12-19 19:28 - 00000222 _____ C:\Users\Daniel\Desktop\nicht angreiffen.txt
2015-12-18 10:36 - 2015-12-18 10:36 - 00617444 _____ C:\Users\Daniel\Downloads\Browser-in-the-Box_Benutzerhandbuch.pdf
2015-12-16 15:10 - 2015-12-16 15:10 - 00025360 _____ C:\Users\Daniel\Documents\far-Flung Prairie.mrf
2015-12-15 21:23 - 2015-12-15 21:23 - 00034360 _____ C:\Users\Daniel\Documents\nightfall swamp.mrf
2015-12-15 18:10 - 2015-12-15 18:11 - 21852240 _____ C:\Users\Daniel\Downloads\Smoothies.rar
2015-12-15 17:33 - 2015-12-15 17:33 - 00280112 _____ C:\WINDOWS\Minidump\121515-9359-01.dmp
2015-12-15 15:47 - 2015-12-15 15:47 - 00006660 _____ C:\Users\Daniel\Downloads\Rechnung Nr. 15005998.pdf
2015-12-15 13:56 - 2015-12-15 13:56 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1) (1).pdf
2015-12-15 13:53 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1).pdf
2015-12-15 13:52 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung.pdf
2015-12-15 13:36 - 2015-12-15 13:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Sirrix AG
2015-12-15 13:35 - 2015-12-15 13:35 - 00211398 _____ C:\Users\Daniel\Desktop\kündigung strom.pdf
2015-12-15 13:26 - 2015-12-18 11:04 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-18 11:04 - 00001320 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-15 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\ProgramData\Sirrix AG
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2015-12-15 13:21 - 2015-12-15 13:21 - 00000000 ____D C:\Program Files\Oracle
2015-12-15 13:14 - 2015-12-15 13:19 - 565717248 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.firefox.Archive.exe
2015-12-15 13:12 - 2015-12-17 19:43 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-15 13:11 - 2015-12-15 13:11 - 00927824 _____ (Google Inc.) C:\Users\Daniel\Downloads\ChromeSetup (1).exe
2015-12-15 12:47 - 2015-12-15 12:47 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form (1).pdf
2015-12-15 12:44 - 2015-12-15 12:45 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form.pdf
2015-12-15 12:28 - 2015-12-15 12:36 - 24149323 _____ C:\Users\Daniel\Downloads\Malwarebytes Anti-Malware Premium 2.2.0.1024.rar
2015-12-15 12:21 - 2015-12-23 12:14 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-15 12:20 - 2015-12-15 13:10 - 00001165 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-15 12:17 - 2015-12-15 12:18 - 22908888 _____ (Malwarebytes ) C:\Users\Daniel\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-15 12:09 - 2015-12-15 12:09 - 00003530 _____ C:\WINDOWS\System32\Tasks\Ahonaradra
2015-12-15 12:01 - 2015-12-15 12:01 - 00003774 _____ C:\WINDOWS\System32\Tasks\SoftUpgrade
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Program Files (x86)\SoftUpgrade
2015-12-15 11:57 - 2015-12-15 11:57 - 00275717 _____ C:\Users\Daniel\Documents\151210 Rechnung_Lingel.pdf
2015-12-15 11:35 - 2015-12-15 11:35 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-12-15 11:34 - 2015-12-15 11:34 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2015-12-15 11:34 - 2015-12-15 11:34 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2015-12-15 11:34 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-12-15 11:34 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-12-15 11:33 - 2015-12-22 11:52 - 00000000 ____D C:\ProgramData\ProductData
2015-12-15 11:33 - 2015-12-15 11:41 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\IObit
2015-12-15 11:33 - 2015-12-15 11:40 - 00000000 ____D C:\ProgramData\IObit
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ProductData
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\IObit
2015-12-15 11:32 - 2015-12-15 11:41 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-15 11:32 - 2015-12-15 11:32 - 30003568 _____ (IObit ) C:\Users\Daniel\Downloads\IObit-Malware-Fighter-Setup3409.exe
2015-12-15 11:16 - 2015-12-15 11:16 - 17529025 _____ C:\Users\Daniel\Documents\151210 Rechnung Lingel.pdf
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Opera Software
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\Opera Software
2015-12-15 11:04 - 2015-12-15 11:05 - 17231872 _____ C:\Users\Daniel\Downloads\epson374980eu.exe
2015-12-15 11:03 - 2015-12-15 11:02 - 00004182 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-12-15 11:02 - 2015-12-22 18:43 - 00000008 __RSH C:\Users\Daniel\ntuser.pol
2015-12-15 11:02 - 2015-12-22 18:43 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-15 11:01 - 2015-12-15 11:01 - 00003294 _____ C:\WINDOWS\System32\Tasks\{9049D845-5093-42F1-ABE4-823668FF2E6F}
2015-12-15 10:59 - 2015-12-15 10:59 - 12793856 _____ C:\Users\Daniel\Downloads\epson325480eu.exe
2015-12-15 10:57 - 2015-12-15 10:57 - 25198592 _____ C:\Users\Daniel\Downloads\epson324666eu.dmg
2015-12-14 20:52 - 2015-12-14 20:52 - 00030000 _____ C:\Users\Daniel\Documents\13.mrf
2015-12-14 14:28 - 2015-12-14 14:32 - 00027280 _____ C:\Users\Daniel\Documents\sunshine beach.mrf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116.pdf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116 (1).pdf
2015-12-14 14:22 - 2015-12-14 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-14 14:22 - 2015-12-14 14:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-14 14:11 - 2015-12-14 14:15 - 11692510 _____ C:\Users\Daniel\Downloads\GLGzFAmSSuC(zA.rar
2015-12-14 14:05 - 2015-12-14 14:15 - 32280461 _____ C:\Users\Daniel\Downloads\Nicht bestätigt 522240.crdownload
2015-12-14 13:48 - 2015-12-14 13:48 - 00030280 _____ C:\Users\Daniel\Documents\Climbing Olympus.mrf
2015-12-14 13:20 - 2015-12-15 16:21 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\Program Files (x86)\MouseRecorder
2015-12-14 13:19 - 2015-12-14 13:21 - 02467080 _____ (Bartels Media GmbH ) C:\Users\Daniel\Downloads\MouseRecorderSetup1042.exe
2015-12-14 13:17 - 2015-12-14 13:17 - 02331531 _____ C:\Users\Daniel\Downloads\MRP276Setup.zip
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\Documents\My Recorded Scripts
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder Pro
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\Nemex
2015-12-14 13:09 - 2015-12-14 13:09 - 02332069 _____ C:\Users\Daniel\Downloads\mrp275setup.zip
2015-12-14 13:01 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup (1).exe
2015-12-14 12:55 - 2015-12-15 13:10 - 00001682 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-15 13:08 - 00001742 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup.exe
2015-12-14 12:55 - 2015-12-14 12:55 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2015-12-14 12:54 - 2015-12-14 12:54 - 00000000 ____D C:\Users\Daniel\AppData\Local\fabi.me
2015-12-14 12:53 - 2015-12-14 12:55 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:54 - 00000000 ____D C:\ProgramData\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:53 - 00094899 _____ C:\Users\Daniel\Downloads\SpeedAutoClicker.zip
2015-12-14 12:46 - 2015-12-14 12:47 - 308301520 _____ (BlueStack Systems Inc.) C:\Users\Daniel\Downloads\BlueStacks2-Installer_native.exe
2015-12-12 19:59 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-12 19:59 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-12 19:59 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-12 19:59 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-12 19:59 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-12 19:59 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-12 19:59 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-12 19:59 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-12 19:59 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-12 19:59 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-12 19:59 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-12 19:59 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-12 19:59 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-12 19:58 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-12 19:58 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-12 19:58 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-12 19:58 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-12 19:58 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-12 19:58 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-12 19:58 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-12 19:58 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-12 19:58 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-12 19:58 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-12 19:58 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-12 19:58 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-12 19:58 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-12 19:58 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1.zip
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1 (1).zip
2015-12-06 18:49 - 2015-12-06 18:49 - 04397665 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab (1).zip
2015-12-06 18:48 - 2015-12-06 18:48 - 01142560 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab.zip
2015-12-06 18:19 - 2015-12-06 18:19 - 03984004 _____ C:\Users\Daniel\Downloads\Bewerbung_Erzieherin_Daniele_Maier.pdf
2015-12-06 18:06 - 2015-12-06 18:06 - 00291489 _____ C:\Users\Daniel\Downloads\20151127131614271.pdf
2015-12-06 17:50 - 2015-12-06 17:50 - 00109513 _____ C:\Users\Daniel\Desktop\Anmeldung.pdf
2015-12-03 18:29 - 2015-12-03 18:29 - 00169351 _____ C:\Users\Daniel\Downloads\WAZ.pdf
2015-11-30 21:32 - 2015-11-30 21:32 - 00064681 _____ C:\Users\Daniel\Downloads\Rückseite.pdf
2015-11-30 21:31 - 2015-11-30 21:31 - 00064681 _____ C:\Users\Daniel\Desktop\Rückseite.pdf
2015-11-30 21:29 - 2015-11-30 21:29 - 00032176 _____ C:\Users\Daniel\Desktop\Vorderseite.pdf
2015-11-30 21:25 - 2015-11-30 21:25 - 04889088 _____ C:\Users\Daniel\Downloads\Da Carlo Front Visit.zdl
2015-11-30 21:25 - 2015-11-30 21:25 - 01163776 _____ C:\Users\Daniel\Downloads\Da Carlo Back Visit.zdl
2015-11-29 20:16 - 2015-11-29 20:16 - 00457667 _____ C:\Users\Daniel\Downloads\maui.pdf
2015-11-26 16:19 - 2015-11-26 17:43 - 00000000 ____D C:\Users\Daniel\Desktop\Schwab Melli
2015-11-25 16:11 - 2015-11-25 16:11 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 16:00 - 2015-11-25 16:00 - 00273974 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 15:59 - 2015-11-25 15:59 - 00076125 _____ C:\Users\Daniel\Downloads\Kopie von Dienstplan_Änderung2 (1).xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-23 13:24 - 2014-05-05 05:06 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-23 13:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-23 13:02 - 2014-06-07 19:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-23 11:24 - 2014-05-05 05:06 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-23 08:17 - 2014-06-23 14:35 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-12-23 08:16 - 2015-08-08 19:27 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{88EEB1D5-370C-4812-9418-EDF692A916C5}
2015-12-23 08:06 - 2015-02-13 17:03 - 00000000 ____D C:\ProgramData\TwonkyServer
2015-12-23 07:46 - 2015-08-01 19:33 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-23 07:46 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-23 07:46 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-23 07:46 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-23 07:44 - 2014-11-03 18:22 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-23 07:42 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-12-23 07:39 - 2015-08-15 18:33 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-23 07:39 - 2015-08-01 19:21 - 00000000 ____D C:\Users\postgres
2015-12-23 07:39 - 2015-08-01 19:21 - 00000000 ____D C:\Users\Daniel
2015-12-23 07:39 - 2015-08-01 19:20 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-12-23 07:39 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-23 07:39 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-22 19:25 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-22 19:25 - 2014-06-23 15:11 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-22 18:16 - 2014-08-16 20:56 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-22 18:16 - 2014-05-26 12:17 - 00000000 ____D C:\ProgramData\Adobe
2015-12-22 18:16 - 2014-05-05 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2015-12-22 18:15 - 2014-05-26 12:17 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-22 17:51 - 2014-05-13 20:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Notepad++
2015-12-22 17:45 - 2015-04-02 10:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent
2015-12-22 14:51 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-22 11:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Registration
2015-12-22 11:09 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-22 11:07 - 2014-05-29 11:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-12-22 11:07 - 2014-05-13 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-21 15:41 - 2015-08-16 17:58 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2015-12-21 11:06 - 2015-10-03 15:02 - 00010560 _____ C:\Users\Daniel\Desktop\Lego-Architecture.xlsx
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\ProgramData\AMD
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-21 10:27 - 2014-05-05 05:07 - 00000000 ____D C:\AMD
2015-12-21 10:25 - 2015-08-25 19:22 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-12-21 10:25 - 2015-08-25 19:22 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-12-21 10:25 - 2015-07-16 01:12 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01223544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-12-21 10:25 - 2015-07-16 00:17 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-12-21 10:25 - 2015-07-16 00:13 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-12-21 10:25 - 2015-07-16 00:12 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-12-20 10:37 - 2014-05-05 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2015-12-18 19:58 - 2015-09-19 10:01 - 00023600 _____ C:\Users\Daniel\Desktop\Kaufpreis Backnang.xlsx
2015-12-18 17:14 - 2015-07-10 17:44 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-17 18:52 - 2015-08-20 15:17 - 00002099 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-12-17 18:52 - 2014-07-10 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-12-17 18:52 - 2014-05-05 05:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-17 14:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-15 13:24 - 2014-11-03 18:30 - 00000000 ____D C:\Users\Daniel\.VirtualBox
2015-12-15 13:11 - 2015-08-01 19:25 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-15 13:11 - 2015-06-26 22:05 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-12-15 13:11 - 2014-12-29 16:10 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-12-15 13:11 - 2014-10-20 18:02 - 00000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-12-15 13:11 - 2014-08-16 20:58 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-12-15 13:11 - 2014-08-16 20:57 - 00001527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-12-15 13:11 - 2014-08-16 17:13 - 00001750 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-12-15 13:11 - 2014-05-13 19:27 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-15 13:10 - 2015-08-26 18:40 - 00001218 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-12-15 13:10 - 2015-08-16 18:00 - 00002234 _____ C:\Users\Public\Desktop\StarMoney 9.0.lnk
2015-12-15 13:08 - 2015-08-01 20:21 - 00002425 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-15 13:08 - 2015-05-16 13:40 - 00002158 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\KÜCHEN QUELLE 3D.lnk
2015-12-15 13:08 - 2015-01-18 17:42 - 00001033 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-12-15 13:08 - 2015-01-08 18:29 - 00001822 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Coral Poker.lnk
2015-12-15 13:08 - 2014-12-16 14:46 - 00001830 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Winner Poker.lnk
2015-12-15 13:08 - 2014-08-21 15:45 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-12-15 13:08 - 2014-07-25 19:12 - 00001792 _____ C:\ProgramData\Microsoft\Windows\Start Menu\24hPoker.lnk
2015-12-15 13:08 - 2014-07-02 16:36 - 00001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-06-14 19:21 - 00001120 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-05-18 20:21 - 00000295 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2015-12-15 13:08 - 2014-05-17 11:36 - 00001079 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerRanger.lnk
2015-12-15 13:08 - 2014-05-05 15:24 - 00000811 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2015-12-15 13:07 - 2015-10-12 19:18 - 00002180 _____ C:\Users\Daniel\Desktop\AusweisApp2.lnk
2015-12-15 12:04 - 2015-08-01 20:18 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-15 11:12 - 2014-10-20 17:34 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-14 22:26 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-12-14 22:20 - 2015-09-06 12:11 - 00000000 ____D C:\WINDOWS\Panther
2015-12-14 22:15 - 2015-10-30 20:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-14 19:15 - 2015-07-10 13:20 - 04962496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-14 14:22 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Skype
2015-12-14 14:22 - 2014-05-05 05:07 - 00000000 ____D C:\ProgramData\Skype
2015-12-14 14:19 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-14 14:19 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-14 12:55 - 2015-07-10 12:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-14 12:50 - 2014-11-03 18:25 - 00000000 ____D C:\Program Files\Andy
2015-12-14 11:44 - 2014-05-05 14:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-14 11:44 - 2014-05-05 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-14 11:43 - 2013-08-22 14:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-12-14 11:41 - 2014-05-10 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-14 11:40 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-14 11:39 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-14 11:38 - 2014-05-07 16:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-14 11:32 - 2014-05-07 16:59 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-14 09:46 - 2014-05-05 05:05 - 00000000 ___RD C:\Users\Daniel\OneDrive
2015-12-12 19:44 - 2014-06-14 19:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\PokerStars.EU
2015-12-09 04:39 - 2014-05-07 18:25 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-06 11:19 - 2014-05-05 05:06 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 11:19 - 2014-05-05 05:06 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-06 11:04 - 2014-08-16 21:42 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-06 11:04 - 2014-05-05 14:37 - 00000000 ____D C:\Users\Daniel\AppData\Local\AMD
2015-12-01 01:32 - 2015-10-03 15:01 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-10-03 15:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-27 21:25 - 2014-11-27 21:25 - 0004676 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2015-05-16 13:40 - 2015-05-16 13:40 - 0370070 _____ () C:\Users\Daniel\AppData\Local\SquareClock.Production_Home_KQ_WebIcon.ico
2015-02-13 17:03 - 2015-02-13 17:03 - 0000011 _____ () C:\ProgramData\.tv7
2014-05-05 15:24 - 2014-05-05 15:24 - 0558105 _____ () C:\ProgramData\1399299703.bdinstall.bin
2015-01-05 15:23 - 2015-01-05 15:23 - 0259192 _____ () C:\ProgramData\1420467746.bdinstall.bin
2015-02-08 16:01 - 2015-02-08 16:01 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-08-01 19:19 - 2015-08-01 19:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-09 18:17 - 2014-08-09 18:17 - 0005044 _____ () C:\ProgramData\flwjycbm.bab

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-14 22:04

==================== Ende von FRST.txt ============================
         
--- --- ---


Ansonsten habe ich noch folgende Probleme (nach dem ESET-Scan wurde allerdings kein weiterer Neustart durchgeführt!)
- Office Note versucht weiterhin nach jedem Neustart sich zu öffnen und was zu versenden
- Nach jedem Neustart blinkt bei Malwarebyte verschiedene "Fehlermeldungen kurz auf"

Alt 23.12.2015, 12:54   #10
Deathkid535
/// Malwareteam
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Hi,

schau mal bitte in den Verlauf von MBAM ob dort irgendwelche Logs mit Funden dort sind. Desto neuer desto besser. Dieses auch noch hier posten.

Schritt # 1: Revo

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Coupon Printer for Windows

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 



Schritt # 2: FRST-Fix

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Flashtool\custom\root\run_root_shell\run_root_shell

C:\MtkDroidTools\files\pwn

C:\MtkDroidTools\files\zR

C:\Poker\files\pwn

C:\Poker\files\zR

C:\Poker\MtkDroidTools\files\pwn

C:\Poker\MtkDroidTools\files\zR

C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll

C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll

C:\rooten\files\run_root_shell

C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000

C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000001

C:\Users\Daniel\AppData\Local\Skype\MtkDroidTools\files\pwn

C:\Users\Daniel\Downloads\ALNO_KPLSetup14a - CHIP-Installer.exe

C:\Users\Daniel\Downloads\CouponPrinter.exe

C:\Users\Daniel\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v19a_perf-event-exploit.zip

C:\Users\Daniel\Downloads\ipadian.exe

C:\Users\Daniel\Downloads\setup.exe

C:\Users\Daniel\Downloads\tr.apk

C:\Windows\CouponPrinter.ocx

D:\sicherung\Dale Carnegie - Besser miteinander reden\Kostenloser Usenet Zugang.url

D:\unsortiert\setup.exe

Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-12-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt # 3: FRST

Und noch ein frisches FRST-Log bitte.



Schritt # 4: Bitte Posten
  • Das Log von MBAM
  • Das Fixlog von FRST
  • Das frische FRST-Log

Alt 23.12.2015, 13:51   #11
Global82
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Vielen Dank!

zu #1:
Das Programm "Coupon Printer for Windows" gab es nicht zum Auswählen

schutzprotokoll.txt von MBAM:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 23.12.2015 07:39, SYSTEM, GLOBALITY, Protection, Malware Protection, Starting, 
Protection, 23.12.2015 07:39, SYSTEM, GLOBALITY, Protection, Malware Protection, Started, 
Protection, 23.12.2015 07:39, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Starting, 
Protection, 23.12.2015 07:39, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Started, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 49519, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 49519, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49530, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49530, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49533, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49534, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 37.58.102.38, doz.mazeability.com, 49535, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 37.58.102.38, doz.mazeability.com, 49535, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49537, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49539, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 37.58.102.38, doz.mazeability.com, 49540, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49542, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49543, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49574, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49575, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49577, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 37.58.102.38, doz.mazeability.com, 49580, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49599, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49601, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49602, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49603, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49604, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49605, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 37.58.102.38, doz.mazeability.com, 49607, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 37.58.102.38, doz.mazeability.com, 49608, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49610, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49611, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, IP, 162.13.104.8, www.tr553.com, 49612, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Detection, 23.12.2015 07:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 37.58.102.38, doz.mazeability.com, 49613, Outbound, C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe, 
Update, 23.12.2015 08:02, SYSTEM, GLOBALITY, Scheduler, Domain Database, 2015.12.22.1, 2015.12.23.1, 
Update, 23.12.2015 08:02, SYSTEM, GLOBALITY, Scheduler, Malware Database, 2015.12.22.6, 2015.12.23.1, 
Protection, 23.12.2015 08:02, SYSTEM, GLOBALITY, Protection, Refresh, Starting, 
Protection, 23.12.2015 08:02, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Stopping, 
Protection, 23.12.2015 08:02, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Stopped, 
Protection, 23.12.2015 08:02, SYSTEM, GLOBALITY, Protection, Refresh, Success, 
Protection, 23.12.2015 08:02, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Starting, 
Protection, 23.12.2015 08:02, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Started, 
Detection, 23.12.2015 08:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 51734, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Detection, 23.12.2015 08:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 51734, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Update, 23.12.2015 09:09, SYSTEM, GLOBALITY, Scheduler, Malware Database, 2015.12.23.1, 2015.12.23.2, 
Protection, 23.12.2015 09:09, SYSTEM, GLOBALITY, Protection, Refresh, Starting, 
Protection, 23.12.2015 09:09, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Stopping, 
Protection, 23.12.2015 09:09, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Stopped, 
Protection, 23.12.2015 09:09, SYSTEM, GLOBALITY, Protection, Refresh, Success, 
Protection, 23.12.2015 09:09, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Starting, 
Protection, 23.12.2015 09:09, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Started, 
Detection, 23.12.2015 09:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 53651, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Detection, 23.12.2015 09:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 53651, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Detection, 23.12.2015 10:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 55585, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Detection, 23.12.2015 11:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 57472, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Update, 23.12.2015 12:14, SYSTEM, GLOBALITY, Scheduler, Malware Database, 2015.12.23.2, 2015.12.23.3, 
Protection, 23.12.2015 12:14, SYSTEM, GLOBALITY, Protection, Refresh, Starting, 
Protection, 23.12.2015 12:14, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Stopping, 
Protection, 23.12.2015 12:14, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Stopped, 
Protection, 23.12.2015 12:14, SYSTEM, GLOBALITY, Protection, Refresh, Success, 
Protection, 23.12.2015 12:14, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Starting, 
Protection, 23.12.2015 12:14, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Started, 
Detection, 23.12.2015 12:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 59421, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Detection, 23.12.2015 12:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 59421, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 
Detection, 23.12.2015 13:40, SYSTEM, GLOBALITY, Protection, Malicious Website Protection, Domain, 136.243.22.25, interstat.eu, 62038, Outbound, C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe, 

(end)
         
Scanprotokoll MBAM:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.12.2015
Suchlaufzeit: 14:23
Protokolldatei: Scanprotokoll.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.23.03
Rootkit-Datenbank: v2015.12.18.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Daniel

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 468666
Abgelaufene Zeit: 18 Min., 13 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Vitruvian, HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\INSTALLPATH\STATUS, In Quarantäne, [8ff0abfd58332c0ab6d10b0518ecbe42], 

Registrierungswerte: 3
PUP.Optional.Vitruvian, HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\INSTALLPATH\STATUS|SwiftSearch, I, In Quarantäne, [8ff0abfd58332c0ab6d10b0518ecbe42]
PUP.Optional.VBates, HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\INSTALLPATH\STATUS|Groover, R, In Quarantäne, [6a1567417b100a2ce99de12fcd37d52b]
PUP.Optional.Komodia, HKU\S-1-5-21-2676936528-1030403693-891089861-1001\SOFTWARE\INSTALLPATH\STATUS|FlowsurfCB, P, In Quarantäne, [c3bcdecaa3e8d165473064ac1de741bf]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Fixlog.txt
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Daniel (2015-12-23 14:21:42) Run:2
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel & postgres (Verfügbare Profile: Daniel & postgres & Gl0ba_000)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Flashtool\custom\root\run_root_shell\run_root_shell

C:\MtkDroidTools\files\pwn

C:\MtkDroidTools\files\zR

C:\Poker\files\pwn

C:\Poker\files\zR

C:\Poker\MtkDroidTools\files\pwn

C:\Poker\MtkDroidTools\files\zR

C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll

C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll

C:\rooten\files\run_root_shell

C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000

C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000001

C:\Users\Daniel\AppData\Local\Skype\MtkDroidTools\files\pwn

C:\Users\Daniel\Downloads\ALNO_KPLSetup14a - CHIP-Installer.exe

C:\Users\Daniel\Downloads\CouponPrinter.exe

C:\Users\Daniel\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v19a_perf-event-exploit.zip

C:\Users\Daniel\Downloads\ipadian.exe

C:\Users\Daniel\Downloads\setup.exe

C:\Users\Daniel\Downloads\tr.apk

C:\Windows\CouponPrinter.ocx

D:\sicherung\Dale Carnegie - Besser miteinander reden\Kostenloser Usenet Zugang.url

D:\unsortiert\setup.exe

Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-12-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

EmptyTemp:
         
*****************

C:\Flashtool\custom\root\run_root_shell\run_root_shell => erfolgreich verschoben
C:\MtkDroidTools\files\pwn => erfolgreich verschoben
C:\MtkDroidTools\files\zR => erfolgreich verschoben
C:\Poker\files\pwn => erfolgreich verschoben
C:\Poker\files\zR => erfolgreich verschoben
C:\Poker\MtkDroidTools\files\pwn => erfolgreich verschoben
C:\Poker\MtkDroidTools\files\zR => erfolgreich verschoben
C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dll => erfolgreich verschoben
C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll => erfolgreich verschoben
C:\rooten\files\run_root_shell => erfolgreich verschoben
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000000 => erfolgreich verschoben
C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\File System\005\t\00\00000001 => erfolgreich verschoben
C:\Users\Daniel\AppData\Local\Skype\MtkDroidTools\files\pwn => erfolgreich verschoben
C:\Users\Daniel\Downloads\ALNO_KPLSetup14a - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Daniel\Downloads\CouponPrinter.exe => erfolgreich verschoben
C:\Users\Daniel\Downloads\DooMLoRD_Easy-Rooting-Toolkit_v19a_perf-event-exploit.zip => erfolgreich verschoben
C:\Users\Daniel\Downloads\ipadian.exe => erfolgreich verschoben
C:\Users\Daniel\Downloads\setup.exe => erfolgreich verschoben
C:\Users\Daniel\Downloads\tr.apk => erfolgreich verschoben
C:\Windows\CouponPrinter.ocx => erfolgreich verschoben
D:\sicherung\Dale Carnegie - Besser miteinander reden\Kostenloser Usenet Zugang.url => erfolgreich verschoben
D:\unsortiert\setup.exe => erfolgreich verschoben
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk => erfolgreich verschoben
C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE => erfolgreich verschoben
EmptyTemp: => 34.3 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 14:21:55 ====
         
FRST.txt

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von Daniel (Administrator) auf GLOBALITY (23-12-2015 14:49:13)
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel & postgres (Verfügbare Profile: Daniel & postgres & Gl0ba_000)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxClient.exe" start "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Internet Monitor) C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Andy] => C:\Program Files\Andy\HandyAndy.exe
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883280 2015-12-10] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Line] => C:\Program Files (x86)\Naver\LINE\Line.exe [15664152 2015-08-18] (LINE Corporation)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\...\Run: [BandwidthStat] => C:\Users\Daniel\AppData\Roaming\BandwidthStat\bandwidthstat.exe [569344 2015-12-15] (Internet Monitor)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2015-12-15]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-12-15]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c3d2b33a-5f1a-4bce-8c16-a5ea94bc6a72}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2676936528-1030403693-891089861-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-24] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-24] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-09] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default
FF NewTab: about:newtab
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-12] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-28] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Flash and Video Download - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-12]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\artur.dubovoy@gmail.com [2015-12-12]
FF Extension: FireFTP - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\v7rfplju.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-12-12]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google*Übersetzer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (FTP Free) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdgcfaoankkonoiichmblcfijkomfbn [2014-09-27]
CHR Extension: (Video Downloader professional) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-12-22]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-16]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (qipu Cashbackmelder open beta) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mloigoojndlehdjiemdfpiikieonngel [2015-01-16]
CHR Extension: (Codeanywhere) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndcfkjjcjfpmmhdedhnbkknbehiadgjg [2014-05-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-01]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2015-11-13] (Sirrix AG) [Datei ist nicht signiert]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432720 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412240 2015-12-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854608 2015-12-10] (BlueStack Systems, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3645432 2014-07-18] (devolo AG)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [885576 2013-05-23] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-05-23] (PacketVideo)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-12-10] (BlueStack Systems)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-15] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-23] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194816 2015-11-11] (Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-23 14:48 - 2015-12-23 14:48 - 00001778 _____ C:\Users\Daniel\Desktop\Scanprotokoll.txt
2015-12-23 14:42 - 2015-12-23 14:42 - 00001733 _____ C:\Erkannte Bedrohungen.txt
2015-12-23 14:42 - 2015-12-23 14:42 - 00001726 _____ C:\Scanprotokoll.txt
2015-12-23 14:39 - 2015-12-23 14:39 - 00016148 _____ C:\WINDOWS\system32\GLOBALITY_Daniel_HistoryPrediction.bin
2015-12-23 14:15 - 2015-12-23 14:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Daniel\Downloads\revosetup95.exe
2015-12-23 14:15 - 2015-12-23 14:15 - 00001337 _____ C:\Users\Daniel\Desktop\Revo Uninstaller.lnk
2015-12-23 14:15 - 2015-12-23 14:15 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-12-23 14:15 - 2015-12-23 14:15 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-12-23 14:14 - 2015-12-23 14:14 - 00010510 _____ C:\Users\Daniel\Desktop\schutzprotokoll.txt
2015-12-23 14:14 - 2015-12-23 14:14 - 00010510 _____ C:\Schutzprotokoll.txt
2015-12-23 07:39 - 2015-12-23 07:39 - 00280168 _____ C:\WINDOWS\Minidump\122315-10015-01.dmp
2015-12-22 19:29 - 2015-12-22 19:29 - 02870984 _____ (ESET) C:\Users\Daniel\Downloads\esetsmartinstaller_deu.exe
2015-12-22 19:23 - 2015-12-23 14:21 - 00003820 _____ C:\Users\Daniel\Desktop\Fixlog.txt
2015-12-22 18:45 - 2015-12-23 14:23 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-12-22 18:36 - 2015-12-22 18:43 - 00000000 ____D C:\AdwCleaner
2015-12-22 18:32 - 2015-12-22 18:32 - 01743360 _____ C:\Users\Daniel\Desktop\AdwCleaner_5.026.exe
2015-12-22 18:22 - 2015-12-22 18:23 - 00050521 _____ C:\Users\Daniel\Desktop\Addition.txt
2015-12-22 18:21 - 2015-12-23 14:49 - 00019684 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-12-22 18:15 - 2015-12-22 18:15 - 06708416 _____ (Adobe System Incorporated.) C:\Users\Daniel\Downloads\AdobeCreativeCloudCleanerTool.exe
2015-12-22 12:01 - 2015-12-22 12:01 - 00007493 _____ C:\Users\Daniel\Desktop\Malwarebyte.txt
2015-12-22 11:49 - 2015-12-22 11:50 - 00000532 _____ C:\Users\Daniel\Desktop\Neues Textdokument.txt
2015-12-22 11:37 - 2015-12-23 14:49 - 00000000 ____D C:\FRST
2015-12-22 11:36 - 2015-12-22 11:37 - 02370560 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-12-21 14:28 - 2015-12-21 14:28 - 00514327 _____ C:\Users\Daniel\Desktop\20151221.pdf
2015-12-21 14:24 - 2015-12-21 14:24 - 00000000 ____D C:\ProgramData\ATI
2015-12-21 11:16 - 2015-12-21 11:16 - 00036520 _____ C:\Users\Daniel\Documents\arena.mrf
2015-12-21 10:28 - 2015-12-21 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-21 10:26 - 2015-12-21 10:27 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-12-21 10:25 - 2015-12-21 10:25 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 39720944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 30775792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08982432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-12-21 10:25 - 2015-12-21 10:25 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00662400 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-12-21 10:25 - 2015-12-21 10:25 - 00631792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00130064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00110320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00089584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-12-21 10:25 - 2015-12-21 10:25 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-12-21 10:25 - 2015-12-21 10:25 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-12-20 20:56 - 2015-12-20 20:56 - 00478062 _____ C:\Users\Daniel\Desktop\20151220.pdf
2015-12-20 17:19 - 2015-12-22 11:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 13:28 - 2015-12-21 14:29 - 00283623 _____ C:\Users\Daniel\Desktop\Dienstplan_TV_Cannstatt.xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-20 10:36 - 2015-12-20 10:36 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU (1).xlsm
2015-12-18 10:57 - 2015-12-18 11:03 - 606692048 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.chrome.Archive.exe
2015-12-18 10:41 - 2015-12-19 19:28 - 00000222 _____ C:\Users\Daniel\Desktop\nicht angreiffen.txt
2015-12-18 10:36 - 2015-12-18 10:36 - 00617444 _____ C:\Users\Daniel\Downloads\Browser-in-the-Box_Benutzerhandbuch.pdf
2015-12-16 15:10 - 2015-12-16 15:10 - 00025360 _____ C:\Users\Daniel\Documents\far-Flung Prairie.mrf
2015-12-15 21:23 - 2015-12-15 21:23 - 00034360 _____ C:\Users\Daniel\Documents\nightfall swamp.mrf
2015-12-15 18:10 - 2015-12-15 18:11 - 21852240 _____ C:\Users\Daniel\Downloads\Smoothies.rar
2015-12-15 17:33 - 2015-12-15 17:33 - 00280112 _____ C:\WINDOWS\Minidump\121515-9359-01.dmp
2015-12-15 15:47 - 2015-12-15 15:47 - 00006660 _____ C:\Users\Daniel\Downloads\Rechnung Nr. 15005998.pdf
2015-12-15 13:56 - 2015-12-15 13:56 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1) (1).pdf
2015-12-15 13:53 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung (1).pdf
2015-12-15 13:52 - 2015-12-15 13:53 - 00023026 _____ C:\Users\Daniel\Downloads\Vodafone-Internet--Telefon-Kuendigung.pdf
2015-12-15 13:36 - 2015-12-15 13:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Sirrix AG
2015-12-15 13:35 - 2015-12-15 13:35 - 00211398 _____ C:\Users\Daniel\Desktop\kündigung strom.pdf
2015-12-15 13:26 - 2015-12-18 11:04 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-18 11:04 - 00001320 _____ C:\Users\Public\Desktop\Browser in the Box.lnk
2015-12-15 13:26 - 2015-12-15 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\ProgramData\Sirrix AG
2015-12-15 13:25 - 2015-12-15 13:25 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2015-12-15 13:21 - 2015-12-15 13:21 - 00000000 ____D C:\Program Files\Oracle
2015-12-15 13:14 - 2015-12-15 13:19 - 565717248 _____ (Sirrix AG) C:\Users\Daniel\Downloads\Browser_In_The_Box.4.1.4-r150.firefox.Archive.exe
2015-12-15 13:12 - 2015-12-17 19:43 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-15 13:11 - 2015-12-15 13:11 - 00927824 _____ (Google Inc.) C:\Users\Daniel\Downloads\ChromeSetup (1).exe
2015-12-15 12:47 - 2015-12-15 12:47 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form (1).pdf
2015-12-15 12:44 - 2015-12-15 12:45 - 00436869 _____ C:\Users\Daniel\Downloads\Kündigung-strom-umzug-form.pdf
2015-12-15 12:28 - 2015-12-15 12:36 - 24149323 _____ C:\Users\Daniel\Downloads\Malwarebytes Anti-Malware Premium 2.2.0.1024.rar
2015-12-15 12:21 - 2015-12-23 14:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-15 12:20 - 2015-12-15 13:10 - 00001165 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-15 12:20 - 2015-12-15 12:20 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-15 12:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-15 12:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-15 12:17 - 2015-12-15 12:18 - 22908888 _____ (Malwarebytes ) C:\Users\Daniel\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-15 12:09 - 2015-12-15 12:09 - 00003530 _____ C:\WINDOWS\System32\Tasks\Ahonaradra
2015-12-15 12:01 - 2015-12-15 12:01 - 00003774 _____ C:\WINDOWS\System32\Tasks\SoftUpgrade
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\BandwidthStat
2015-12-15 12:01 - 2015-12-15 12:01 - 00000000 ____D C:\Program Files (x86)\SoftUpgrade
2015-12-15 11:57 - 2015-12-15 11:57 - 00275717 _____ C:\Users\Daniel\Documents\151210 Rechnung_Lingel.pdf
2015-12-15 11:35 - 2015-12-15 11:35 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-12-15 11:34 - 2015-12-15 11:34 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2015-12-15 11:34 - 2015-12-15 11:34 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2015-12-15 11:34 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2015-12-15 11:34 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2015-12-15 11:33 - 2015-12-22 11:52 - 00000000 ____D C:\ProgramData\ProductData
2015-12-15 11:33 - 2015-12-15 11:41 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\IObit
2015-12-15 11:33 - 2015-12-15 11:40 - 00000000 ____D C:\ProgramData\IObit
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ProductData
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer
2015-12-15 11:33 - 2015-12-15 11:33 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\IObit
2015-12-15 11:32 - 2015-12-15 11:41 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-15 11:32 - 2015-12-15 11:32 - 30003568 _____ (IObit ) C:\Users\Daniel\Downloads\IObit-Malware-Fighter-Setup3409.exe
2015-12-15 11:16 - 2015-12-15 11:16 - 17529025 _____ C:\Users\Daniel\Documents\151210 Rechnung Lingel.pdf
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Opera Software
2015-12-15 11:05 - 2015-12-15 11:13 - 00000000 ____D C:\Users\Daniel\AppData\Local\Opera Software
2015-12-15 11:04 - 2015-12-15 11:05 - 17231872 _____ C:\Users\Daniel\Downloads\epson374980eu.exe
2015-12-15 11:03 - 2015-12-15 11:02 - 00004182 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-12-15 11:02 - 2015-12-22 18:43 - 00000008 __RSH C:\Users\Daniel\ntuser.pol
2015-12-15 11:02 - 2015-12-22 18:43 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-15 11:01 - 2015-12-15 11:01 - 00003294 _____ C:\WINDOWS\System32\Tasks\{9049D845-5093-42F1-ABE4-823668FF2E6F}
2015-12-15 10:59 - 2015-12-15 10:59 - 12793856 _____ C:\Users\Daniel\Downloads\epson325480eu.exe
2015-12-15 10:57 - 2015-12-15 10:57 - 25198592 _____ C:\Users\Daniel\Downloads\epson324666eu.dmg
2015-12-14 20:52 - 2015-12-14 20:52 - 00030000 _____ C:\Users\Daniel\Documents\13.mrf
2015-12-14 14:28 - 2015-12-14 14:32 - 00027280 _____ C:\Users\Daniel\Documents\sunshine beach.mrf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116.pdf
2015-12-14 14:23 - 2015-12-14 14:23 - 31302583 _____ C:\Users\Daniel\Downloads\auv116 (1).pdf
2015-12-14 14:22 - 2015-12-14 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-14 14:22 - 2015-12-14 14:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-14 14:11 - 2015-12-14 14:15 - 11692510 _____ C:\Users\Daniel\Downloads\GLGzFAmSSuC(zA.rar
2015-12-14 14:05 - 2015-12-14 14:15 - 32280461 _____ C:\Users\Daniel\Downloads\Nicht bestätigt 522240.crdownload
2015-12-14 13:48 - 2015-12-14 13:48 - 00030280 _____ C:\Users\Daniel\Documents\Climbing Olympus.mrf
2015-12-14 13:20 - 2015-12-15 16:21 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Mouse Recorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseRecorder
2015-12-14 13:20 - 2015-12-14 13:20 - 00000000 ____D C:\Program Files (x86)\MouseRecorder
2015-12-14 13:19 - 2015-12-14 13:21 - 02467080 _____ (Bartels Media GmbH ) C:\Users\Daniel\Downloads\MouseRecorderSetup1042.exe
2015-12-14 13:17 - 2015-12-14 13:17 - 02331531 _____ C:\Users\Daniel\Downloads\MRP276Setup.zip
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\Documents\My Recorded Scripts
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mouse Recorder Pro
2015-12-14 13:10 - 2015-12-14 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Local\Nemex
2015-12-14 13:09 - 2015-12-14 13:09 - 02332069 _____ C:\Users\Daniel\Downloads\mrp275setup.zip
2015-12-14 13:01 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup (1).exe
2015-12-14 12:55 - 2015-12-15 13:10 - 00001682 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-15 13:08 - 00001742 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2015-12-14 12:55 - 2015-12-14 13:01 - 00842440 _____ (ghost-mouse.com ) C:\Users\Daniel\Downloads\GhostMouse323-Setup.exe
2015-12-14 12:55 - 2015-12-14 12:55 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2015-12-14 12:54 - 2015-12-14 12:54 - 00000000 ____D C:\Users\Daniel\AppData\Local\fabi.me
2015-12-14 12:53 - 2015-12-14 12:55 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:54 - 00000000 ____D C:\ProgramData\BlueStacks
2015-12-14 12:53 - 2015-12-14 12:53 - 00094899 _____ C:\Users\Daniel\Downloads\SpeedAutoClicker.zip
2015-12-14 12:46 - 2015-12-14 12:47 - 308301520 _____ (BlueStack Systems Inc.) C:\Users\Daniel\Downloads\BlueStacks2-Installer_native.exe
2015-12-12 19:59 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-12 19:59 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-12 19:59 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-12 19:59 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-12 19:59 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-12 19:59 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-12 19:59 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-12 19:59 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-12 19:59 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-12 19:59 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-12 19:59 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-12 19:59 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-12 19:59 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-12 19:59 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-12 19:59 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-12 19:59 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-12 19:59 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-12 19:59 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-12 19:59 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-12 19:59 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-12 19:59 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-12 19:58 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-12 19:58 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-12 19:58 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-12 19:58 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-12 19:58 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-12 19:58 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-12 19:58 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-12 19:58 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-12 19:58 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-12 19:58 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-12 19:58 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-12 19:58 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-12 19:58 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-12 19:58 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-12 19:58 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-12 19:58 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-12 19:58 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-12 19:58 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-12 19:58 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-12 19:58 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-12 19:58 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1.zip
2015-12-06 18:50 - 2015-12-06 18:50 - 01142543 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab 1 (1).zip
2015-12-06 18:49 - 2015-12-06 18:49 - 04397665 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab (1).zip
2015-12-06 18:48 - 2015-12-06 18:48 - 01142560 _____ C:\Users\Daniel\Downloads\Bewerbung_Melanie_Schwab.zip
2015-12-06 18:19 - 2015-12-06 18:19 - 03984004 _____ C:\Users\Daniel\Downloads\Bewerbung_Erzieherin_Daniele_Maier.pdf
2015-12-06 18:06 - 2015-12-06 18:06 - 00291489 _____ C:\Users\Daniel\Downloads\20151127131614271.pdf
2015-12-06 17:50 - 2015-12-06 17:50 - 00109513 _____ C:\Users\Daniel\Desktop\Anmeldung.pdf
2015-12-03 18:29 - 2015-12-03 18:29 - 00169351 _____ C:\Users\Daniel\Downloads\WAZ.pdf
2015-11-30 21:32 - 2015-11-30 21:32 - 00064681 _____ C:\Users\Daniel\Downloads\Rückseite.pdf
2015-11-30 21:31 - 2015-11-30 21:31 - 00064681 _____ C:\Users\Daniel\Desktop\Rückseite.pdf
2015-11-30 21:29 - 2015-11-30 21:29 - 00032176 _____ C:\Users\Daniel\Desktop\Vorderseite.pdf
2015-11-30 21:25 - 2015-11-30 21:25 - 04889088 _____ C:\Users\Daniel\Downloads\Da Carlo Front Visit.zdl
2015-11-30 21:25 - 2015-11-30 21:25 - 01163776 _____ C:\Users\Daniel\Downloads\Da Carlo Back Visit.zdl
2015-11-29 20:16 - 2015-11-29 20:16 - 00457667 _____ C:\Users\Daniel\Downloads\maui.pdf
2015-11-26 16:19 - 2015-11-26 17:43 - 00000000 ____D C:\Users\Daniel\Desktop\Schwab Melli
2015-11-25 16:11 - 2015-11-25 16:11 - 00255478 _____ C:\Users\Daniel\Desktop\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 16:00 - 2015-11-25 16:00 - 00273974 _____ C:\Users\Daniel\Downloads\Dienstplan_Änderung2_NEU.xlsm
2015-11-25 15:59 - 2015-11-25 15:59 - 00076125 _____ C:\Users\Daniel\Downloads\Kopie von Dienstplan_Änderung2 (1).xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-23 14:49 - 2015-02-13 17:03 - 00000000 ____D C:\ProgramData\TwonkyServer
2015-12-23 14:29 - 2015-08-01 19:33 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-23 14:29 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-23 14:29 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-23 14:29 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-23 14:27 - 2014-11-03 18:22 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-23 14:24 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-12-23 14:24 - 2014-05-05 05:06 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-23 14:22 - 2015-08-01 19:21 - 00000000 ____D C:\Users\postgres
2015-12-23 14:22 - 2015-08-01 19:20 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-12-23 14:22 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-23 14:22 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-23 14:22 - 2014-06-23 15:11 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-23 14:22 - 2014-05-05 05:06 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-23 14:21 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-23 14:14 - 2015-08-08 19:27 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{88EEB1D5-370C-4812-9418-EDF692A916C5}
2015-12-23 14:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-23 14:02 - 2014-06-07 19:47 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-23 08:17 - 2014-06-23 14:35 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-12-23 07:39 - 2015-08-15 18:33 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-23 07:39 - 2015-08-01 19:21 - 00000000 ____D C:\Users\Daniel
2015-12-22 18:16 - 2014-08-16 20:56 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-22 18:16 - 2014-05-26 12:17 - 00000000 ____D C:\ProgramData\Adobe
2015-12-22 18:16 - 2014-05-05 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2015-12-22 18:15 - 2014-05-26 12:17 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-22 17:51 - 2014-05-13 20:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Notepad++
2015-12-22 17:45 - 2015-04-02 10:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\uTorrent
2015-12-22 14:51 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-22 11:28 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Registration
2015-12-22 11:09 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-22 11:07 - 2014-05-29 11:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-12-22 11:07 - 2014-05-13 19:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-21 15:41 - 2015-08-16 17:58 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2015-12-21 11:06 - 2015-10-03 15:02 - 00010560 _____ C:\Users\Daniel\Desktop\Lego-Architecture.xlsx
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\ProgramData\AMD
2015-12-21 10:28 - 2015-08-01 19:20 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-21 10:27 - 2014-05-05 05:07 - 00000000 ____D C:\AMD
2015-12-21 10:25 - 2015-08-25 19:22 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-12-21 10:25 - 2015-08-25 19:22 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-12-21 10:25 - 2015-07-16 01:12 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 01223544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-12-21 10:25 - 2015-07-16 01:11 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-12-21 10:25 - 2015-07-16 00:17 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-12-21 10:25 - 2015-07-16 00:13 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-12-21 10:25 - 2015-07-16 00:12 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-12-20 10:37 - 2014-05-05 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2015-12-18 19:58 - 2015-09-19 10:01 - 00023600 _____ C:\Users\Daniel\Desktop\Kaufpreis Backnang.xlsx
2015-12-18 17:14 - 2015-07-10 17:44 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-17 18:52 - 2015-08-20 15:17 - 00002099 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-12-17 18:52 - 2014-07-10 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-12-17 18:52 - 2014-05-05 05:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-17 14:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-15 13:24 - 2014-11-03 18:30 - 00000000 ____D C:\Users\Daniel\.VirtualBox
2015-12-15 13:11 - 2015-08-01 19:25 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-15 13:11 - 2015-06-26 22:05 - 00001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-12-15 13:11 - 2014-12-29 16:10 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-12-15 13:11 - 2014-10-20 18:02 - 00000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-12-15 13:11 - 2014-08-16 20:58 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-12-15 13:11 - 2014-08-16 20:57 - 00001527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-12-15 13:11 - 2014-08-16 17:13 - 00001750 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-12-15 13:11 - 2014-05-13 19:27 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-15 13:10 - 2015-08-26 18:40 - 00001218 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-12-15 13:10 - 2015-08-16 18:00 - 00002234 _____ C:\Users\Public\Desktop\StarMoney 9.0.lnk
2015-12-15 13:08 - 2015-08-01 20:21 - 00002425 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-15 13:08 - 2015-05-16 13:40 - 00002158 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\KÜCHEN QUELLE 3D.lnk
2015-12-15 13:08 - 2015-01-18 17:42 - 00001033 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2015-12-15 13:08 - 2015-01-08 18:29 - 00001822 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Coral Poker.lnk
2015-12-15 13:08 - 2014-12-16 14:46 - 00001830 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Winner Poker.lnk
2015-12-15 13:08 - 2014-08-21 15:45 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-12-15 13:08 - 2014-07-25 19:12 - 00001792 _____ C:\ProgramData\Microsoft\Windows\Start Menu\24hPoker.lnk
2015-12-15 13:08 - 2014-07-02 16:36 - 00001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-06-14 19:21 - 00001120 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2015-12-15 13:08 - 2014-05-18 20:21 - 00000295 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2015-12-15 13:08 - 2014-05-17 11:36 - 00001079 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\PokerRanger.lnk
2015-12-15 13:08 - 2014-05-05 15:24 - 00000811 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Betfair.com Poker.lnk
2015-12-15 13:07 - 2015-10-12 19:18 - 00002180 _____ C:\Users\Daniel\Desktop\AusweisApp2.lnk
2015-12-15 12:04 - 2015-08-01 20:18 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-15 11:12 - 2014-10-20 17:34 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-12-14 22:26 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-12-14 22:20 - 2015-09-06 12:11 - 00000000 ____D C:\WINDOWS\Panther
2015-12-14 22:15 - 2015-10-30 20:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-14 19:15 - 2015-07-10 13:20 - 04962496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-14 14:22 - 2014-05-05 05:08 - 00000000 ____D C:\Users\Daniel\AppData\Local\Skype
2015-12-14 14:22 - 2014-05-05 05:07 - 00000000 ____D C:\ProgramData\Skype
2015-12-14 14:19 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-14 14:19 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-14 12:55 - 2015-07-10 12:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-14 12:50 - 2014-11-03 18:25 - 00000000 ____D C:\Program Files\Andy
2015-12-14 11:44 - 2014-05-05 14:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-14 11:44 - 2014-05-05 14:38 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-14 11:43 - 2013-08-22 14:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-12-14 11:41 - 2014-05-10 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-14 11:40 - 2014-05-10 14:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-14 11:39 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-14 11:38 - 2014-05-07 16:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-14 11:32 - 2014-05-07 16:59 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-14 09:46 - 2014-05-05 05:05 - 00000000 ___RD C:\Users\Daniel\OneDrive
2015-12-12 19:44 - 2014-06-14 19:21 - 00000000 ____D C:\Users\Daniel\AppData\Local\PokerStars.EU
2015-12-09 04:39 - 2014-05-07 18:25 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-06 11:19 - 2014-05-05 05:06 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 11:19 - 2014-05-05 05:06 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-06 11:04 - 2014-08-16 21:42 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-06 11:04 - 2014-05-05 14:37 - 00000000 ____D C:\Users\Daniel\AppData\Local\AMD
2015-12-01 01:32 - 2015-10-03 15:01 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-10-03 15:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-27 21:25 - 2014-11-27 21:25 - 0004676 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2015-05-16 13:40 - 2015-05-16 13:40 - 0370070 _____ () C:\Users\Daniel\AppData\Local\SquareClock.Production_Home_KQ_WebIcon.ico
2015-02-13 17:03 - 2015-02-13 17:03 - 0000011 _____ () C:\ProgramData\.tv7
2014-05-05 15:24 - 2014-05-05 15:24 - 0558105 _____ () C:\ProgramData\1399299703.bdinstall.bin
2015-01-05 15:23 - 2015-01-05 15:23 - 0259192 _____ () C:\ProgramData\1420467746.bdinstall.bin
2015-02-08 16:01 - 2015-02-08 16:01 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-08-01 19:19 - 2015-08-01 19:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-09 18:17 - 2014-08-09 18:17 - 0005044 _____ () C:\ProgramData\flwjycbm.bab

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-14 22:04

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 23.12.2015, 14:24   #12
Deathkid535
/// Malwareteam
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Hi,

eine Meldung von MBAM kommt von dem Programm BandwidthStat. Dieses ist als unerwünschte Software bekannt. Wenn du es nicht benötigst, würde ich dir empfehlen es zu deinstallieren.

Die andere kommt vom Sony PC Companion, welche versucht auf "tr553.com" zuzugreifen, was auch als unerwünschte Seite bekannt ist. Deinstallier und installiere es mal neu.

Kommt die Meldung von OneNote beim Neustart immer noch?

Alt 23.12.2015, 19:52   #13
Global82
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Perfekt. Alles geht!!

OneNote habe ich deinstalliert. Habe ich eh nie genutzt. Keine Meldungen mehr beim Neustart. Optimal.

Vielen lieben Dank und frohes Fest. Hab euch ne Kleinigkeit gespendet!

Grüße

Alt 23.12.2015, 22:31   #14
Deathkid535
/// Malwareteam
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Hi,

danke für die Spende. Dir auch frohe Weihnachten und einen guten Rutsch!

Dann wären wir hier durch. Deine Logs sind sauber

Falls du deine Passwörter nicht regelmäßig änderst - jetzt ist der Zeitpunkt dafür!

Schritt # 1: Entfernen unserer Tools

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Abschließend noch ein paar Tipps von mir:

Schritt # 2: Empfohlene Software

Habe immer ein aktuelles Antivirenprogramm deiner Wahl installiert und aktiviere die automatischen Updates (standardmäßig eingeschaltet).

Ich empfehle:

Verwende nach Möglichkeit nicht den Internet Explorer, da dieser viele Sicherheitslücken enthält. Achte aber darauf, dass er immer up to date bleibt, weil viele Programme diesen zum Anzeigen von Websites benutzen.

Alternativ kannst du verwenden:Dazu sind folgende Add-ons empfehlenswert:

uBlock Origin (Chrome) --> Blockiert Werbung. Werbung kann sehr nervig sein, aber auch auf schädliche Links verweisen. uBlock ist effizienter als der Konkurrent AdblockPlus.
Ghostery --> Blockiert Tracker und Cookies, welche dich im Internet nachverfolgen können. Stelle jedoch bei der Installation sicher, dass du Ghostrank nicht zustimmst.

Du kannst auch Malwarebytes Anti-Exploit verwenden, um aktuelle Sicherheitslücken zu stopfen.

Halte immer deine Plug-ins und Software aktuell, vor allem:Du kannst diese komfortabel regelmäßig hiermit überprüfen:

PluginCheck
Filehippo App Manager



Schritt # 3: Tipps um eine Neuinfektion zu vermeiden

Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal wie FilePony.de. Von Downloadern wie die von Chip, Softonic und Sourceforge raten wir ab: CHIP-Installer - was ist das? - Anleitungen

Auch versuchen sich immer mehr Programme durch Installationsroutinen auf den PC "durchzumogeln". Das klappt ganz gut, weil viele Anwender sich diese nicht genau durchlesen und schnell durchklicken. Manchmal steht auch in den Lizenzvereinbarungen, dass ein Programm, was eigentlich als Freeware angepriesen wird, nur genutzt werden kann, wenn man sich bestimmte Toolbars oder andere Programme mitinstallieren lässt.
Da hilft es nur aufmerksam zu sein.

Ein Tool, welches dich dabei gut unterstützen kann, ist: Unchecky. Dieses überwacht im Hintergrund Installationsprozesse und hakt automatisch nervige Adwarekomponenten wie Toolbars ab. Falls man etwas übersieht, warnt noch ein Pop-up, bevor man fortfahren kann.

Wir raten von jeglichen Optimizern, Cleanern, SpeedUps und Ähnlichem ab, da diese Softwareprodukte meist keinen Performancegewinn bringen. Du kannst jedoch regelmäßig deinen PC mit der windowsinternen Datenträgerbereinigung behandeln.

Überprüfe regelmäßig (mind. 1x pro Monat) deinen PC mit Malwarebytes Anti-Malware und ESET.

Falls du dir unsicher bist, ob ein Download wirklich sauber ist, kannst du immer https://www.virustotal.com/ zurate ziehen.



Schritt # 4: Unterstütze uns!

Wenn du uns mit einer kleinen Spende unterstützen möchtest, so kannst du dies hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html

Es reicht aber auch schon ein simples hier, wenn du mit uns zufrieden warst.

unsere Facebook-Seite!

Bitte gib mir bescheid, wenn du das alles gelesen hast und alles klar ist, damit ich dieses Thema aus meinen Abos löschen kann.

Alt 23.12.2015, 23:00   #15
Global82
 
Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Standard

Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam



Alles verstanden und teilweise die Programme heruntergeladen. Vielen Dank

TipTop Service!

Antwort

Themen zu Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam
bluestacks, bonjour, dnsapi.dll, downloader, ebay, flash player, google, homepage, installation, internet, langsam, monitor, mozilla, programm, prozesse, realtek, registry, scan, security, senden, services.exe, starmoney, starten, super, svchost.exe, system, udp, warnung, windows, windows 10 pro



Ähnliche Themen: Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam


  1. Windows 7 - Avast und Malewarebytes melden infizierte Dateien - Notebook sehr langsam
    Log-Analyse und Auswertung - 22.12.2015 (15)
  2. Internet teilweise langsam/lädt nicht
    Plagegeister aller Art und deren Bekämpfung - 08.03.2015 (21)
  3. Windows 7; Malwarebytes findet täglich zw 150 und 200 infizierte Dateien
    Log-Analyse und Auswertung - 26.04.2014 (17)
  4. WIN 7: Ad-Aware meldet infizierte Dateien
    Log-Analyse und Auswertung - 17.02.2014 (18)
  5. Windows 8: Mit Malwarebytes 3000+ infizierte Dateien gefunden
    Log-Analyse und Auswertung - 11.02.2014 (9)
  6. Malwarebytes findet infizierte Dateien, die sich nicht entfernen lassen
    Plagegeister aller Art und deren Bekämpfung - 18.01.2014 (20)
  7. 21 Infizierte Dateien bei Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 09.10.2013 (3)
  8. Malwarebytes meldet 88 infizierte Objekte!
    Plagegeister aller Art und deren Bekämpfung - 08.10.2013 (20)
  9. Windows 8: Malwarebytes hat 48 infizierte Dateien gefunden
    Log-Analyse und Auswertung - 19.09.2013 (7)
  10. Windows 7: Malwarebytes Anti-Malware meldet hunderte Infizierungen mit diversen PUP.Optional Dateien
    Log-Analyse und Auswertung - 13.09.2013 (7)
  11. Windows XP: 2 infizierte Dateien nach Malwarebytes Scan
    Plagegeister aller Art und deren Bekämpfung - 10.09.2013 (5)
  12. malwarebytes findet ucash - infizierte Dateien nicht mehr
    Log-Analyse und Auswertung - 20.07.2012 (3)
  13. Bundespolizei ? Internet gesperrt, Malwarebytes zeigt infizierte Dateien und Registrierung
    Log-Analyse und Auswertung - 06.06.2012 (59)
  14. Downloads langsam (brechen ab) und .exe dateien teilweise nicht ausführbar
    Plagegeister aller Art und deren Bekämpfung - 02.03.2011 (13)
  15. Firefox/Internet funktioniert nur bedingt/gar nicht + Abstürze -> infizierte Systemdateien
    Plagegeister aller Art und deren Bekämpfung - 27.08.2010 (21)
  16. Ungewollter Seitenaufruf im IE und Windows Explorer funktioniert teilweise nicht!
    Plagegeister aller Art und deren Bekämpfung - 14.08.2008 (32)
  17. Internet-Explorer kann Seite nicht anzeigen und infizierte Dateien lassen sich nicht
    Log-Analyse und Auswertung - 05.06.2007 (3)

Zum Thema Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam - Guten Tag zusammen, seit ca. 1 Woche habe ich nun folgendes Problem. Nachdem ich laufend auf Werbeseiten weitergeleitet wurde, habe ich Malwarebytes installiert und es wurde prompt, nach einem Suchlauf, - Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam...
Archiv
Du betrachtest: Windows 10: Malwarebytes meldet infizierte Dateien, teilweise funktioniert das Internet nicht, generell PC langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.